On Tue, 28 Dec 1999, Brock Tellier wrote: > but wrapper immediatly setuid()'s and setgid()'s to owner:daemon before > execing the wrapped program. Bugs in resend aside, this appears to be an incorrect configuration of wrapper. majordomo should have it's own group as well as user, and it should change to that group, not daemon. This is according to Doc/FAQ in the Majordomo 1.94.4 distribution. The whole point of the wrapper and unique uid/gid is to limit the effect of such bugs. -Chris ========================================================== Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816 WestNet Internet Services of Westchester http://www.westnet.com/
- majordomo local exploit Brock Tellier
- Re: majordomo local exploit Todd C. Miller
- Re: majordomo local exploit Taneli Huuskonen
- Re: majordomo local exploit Henrik Edlund
- Re: majordomo local exploit Henrik Nordstrom
- Re: majordomo local exploit Andrew Brown
- Re: majordomo local exploit Olaf Kirch
- Re: majordomo local exploit Coolio
- Re: majordomo local exploit Brock Sides
- Re: majordomo local exploit Christopher Schulte
- Re: majordomo local exploit Christopher X. Candreva
- Re: majordomo local exploit Spidey
- Re: majordomo local exploit Olaf Kirch
- Re: majordomo local exploit Henrik Edlund
- Re: majordomo local exploit Chip Salzenberg
- Re: majordomo local exploit Jefferson Ogata
- Re: majordomo local exploit John Archie
- Re: majordomo local exploit Dale Clark
- Re: majordomo local exploit Chan Wilson
