home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.sys.next.sysadmin
- Path: sparky!uunet!decwrl!csus.edu!news
- From: eps@futon.SFSU.EDU (Eric P. Scott)
- Subject: Re: Syntax for .forward file?
- Message-ID: <1992Jul29.230156.12459@csus.edu>
- Sender: news@csus.edu
- Reply-To: eps@cs.sfsu.edu
- Organization: San Francisco State University
- References: <1992Jul28.140456.2096@Happy-Man.com> <1992Jul29.170030.6941@ifi.unizh.ch>
- Date: Wed, 29 Jul 1992 23:01:56 GMT
- Lines: 13
-
- In article <1992Jul29.170030.6941@ifi.unizh.ch>
- lytras@avalon.physik.unizh.ch (Lytras Apostolos) writes:
- >The .forward file is used by sendmail which is running suid root, so I
- >wonder if there is a chance someone might use this feature (forwarding
- >through pipes) to gain special privileges (a.k.a. hacking). Or is send-
- >mail prepared to deal with such an attempt?
-
- A properly-functioning sendmail will assume the identity of the
- recipient user when processing a .forward file.
-
- (Questions about sendmail? Try comp.mail.sendmail!)
-
- -=EPS=-
-