> a) Sendmail (tested with 8.9.3 and previous) allows you to put mail
> addressed to eg. '|/bin/sh' (or any file) into mail queue. Fortunately,
> this queue file should contain also line like 'Croot' to be processed
> properly, while we have no idea how to put it there. But, anyway,
> seems to be dangerous - Sendmail should reject such crap immediately:
>
> /usr/sbin/sendmail -O 'DeliveryMode=d' '""|/bin/sh'
>
> (without these double-quotes, it _will_ immediately drop your message)
with or without these double-quotes the message is immediately dropped
on redhat linux with the message
[rob@greedo rob]$ /usr/sbin/sendmail -O 'DeliveryMode=d' '""|/bin/sh'
""|/bin/sh... User unknown
[rob@greedo rob]$ /usr/sbin/sendmail -O 'DeliveryMode=d' '|/bin/sh'
|/bin/sh... Cannot mail directly to programs
Same hapens if I am root or try remotely.
Rob
