On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote: > On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote: > > The potential hole I see in mutt is not actually a hole in mutt but in > > various helpers used by mutt users. For example, many of us use w3m or > > links or some other text browser to dump html messages to plain text > > For that to work, various helper apps would have to be run as root or > with root privileges.
Not true. A simple 'rm -rf ~' or equivalent could thoroughly devastate the user whose mail the payload appeared in. A looping shell script could send out spam or take part in a DDOS attack by sending out mail or initiating other connections from the compromised user's account. Neither of these requires root access. Granted, non-root exploits would only affect the single user's account rather than the system as a whole, but that makes them no less damaging to that user. (And then theres the matter of using a hole in a non-root setting to run a local root exploit and gain root that way, but that's already been brought up by someone else.) -- News aggregation meets world domination. Can you see the fnews? http://seethefnews.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]