On Wednesday 03 December 2003 13:02, Davide Libenzi wrote:
> On Wed, 3 Dec 2003, Jeffrey Laramie wrote:
> > Hi Everyone,
> >
> > There is an updated version of my "Beginner's Guide" now available here.
> >
> > http://www.ubaight.com/xmail/BeginnersGuide.html
> >
> > For those of you who haven't seen the draft, The Guide has been
> > completely re-written and has a number of new sections. If you read the
> > draft then the only substantial change is the addition of a section on
> > installing the Ecartis mailing list manager.
>
> Big warning when using Ecartis, especially coupled with XMail. Ecartis is
> not the most secure package on earth, this is a known thing. Also, its suid
> ecartis might let you think that you are safe, but you are indeed not.
> Since XMail runs it as root, a suid ecartis does not prevent a rootkit from
> doing a setuid(0) and regaining root privileges. I use this trivial wrapper
> called swrap.c:

I dropped this code into a file and compiled it and ran it without any 
problems. If you send me a file header with the licensing stuff you want, 
I'll add that to make sure you get attributed correctly. Same thing for the 
ecartis.sh script you sent.

>
> Replace 503 with the real uid/gid of the ecartis user/group. Also, a small
> change to the Ecartis src/core.c file:
>
> +#define MAX_STK_SHIFT 1024
>
> int main (int argc, char** argv)
> {
>     char *temp;
>     int errors = 0;
>     int exitearly = 0;
>     int count = 0;
>     char buf[BIG_BUF];
>
> +   srand(time(NULL) * getpid() + XXXX);
> +   alloca(rand() % MAX_STK_SHIFT);
>
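
Review bot: The alloca() call in main() runs after buf[BIG_BUF] is already laid out in main()'s own frame, so the random shift only moves the frames of functions called afterwards; buf keeps the same distance from main()'s saved return address. The offset also has at most MAX_STK_SHIFT (1024) possible values and is seeded from time(NULL) * getpid() plus a constant fixed at build time, so it is worth doing the shift in a small outer function that then calls the real body, and taking the seed from /dev/urandom rather than srand(time(NULL) ...). A short comment above the two added lines saying what they are for would help whoever next merges an upstream core.c.
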
> where XXXX is your secret constant. Also, I run prelink (-R):

I didn't get to try this yet. Any restrictions on the size/type of the secret 
constant?

Jeff
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]
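
The permanent privilege drop discussed in this thread, as an added example that is not Davide's swrap.c and not part of the original messages. It assumes Linux, uses uid/gid 503 as in the thread, and the function names drop_privileges and drop_check_in_child are hypothetical.

```c
/* Added example (not the swrap.c from the thread): drop root for good, then exec. */
#define _DEFAULT_SOURCE                     /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 0 only when real, effective and saved ids are all non-root. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) return -1;    /* refuse to "drop" to root */
    /* Order matters: groups and gid first, while we may still change them. */
    if (setgroups(1, &gid) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;        /* as root: sets ruid, euid, suid */
    /* Verify: if root can be regained, the drop did not take. */
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    if (setuid(0) == 0 || seteuid(0) == 0) return -1;
    return 0;
}

/* Hypothetical self-check: run the drop in a child so the caller is unchanged.
 * 0 = dropped and root not regainable, 1 = drop refused/failed, 2 = error. */
int drop_check_in_child(uid_t uid, gid_t gid)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return 2;
    if (pid == 0)
        _exit(drop_privileges(uid, gid) == 0 ? 0 : 1);
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return 2;
    return WEXITSTATUS(status);
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s /path/to/program [args...]\n", argv[0]);
        return 2;
    }
    if (drop_privileges(503, 503) != 0) {   /* 503: uid/gid from the thread */
        fprintf(stderr, "privilege drop failed, not executing\n");
        return 1;                           /* never exec with root left over */
    }
    execv(argv[1], argv + 1);
    perror("execv");
    return 1;
}
```

Because setuid() called as root replaces the real, effective and saved uid together, a later setuid(0) in the executed program fails, which a suid bit on the binary alone does not achieve when the caller's real uid is 0.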