>Who knows what the root-shell-giving security hole is in Sendmail 8.6.12 >that was incompletely patched in 8.7, and (supposedly) finally patched >in 8.7.1? I wonder if the attack is still possible if there is a "smrsh" shell installed instead of "sh" in sendmail.cf ? -- Janis Lacis, LATNET administrator, Institute of Mathematics and Computer Science, University of Latvia Rainis boulevard 29, Riga Phone: +3712-212427 LV-1459,Latvia Fax: +3718-820153 E-mail: janis@mii.lu.lv ==========================================================================