World writable PID w/Linux ipop3d (Redhat 4.2)

Alex Mottram (alex@net-connect.net)
Mon, 14 Jul 1997 12:31:17 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: James Crawford Ralston: "Re: Vulnerability in Glimpse HTTP"
Previous message: Gene Spafford: "Re: Book on web security"

There appears to be a possible problem in the imap/pop3 daemon shipped
with (at least)
redhat version 4.2. While I don't have the time to research it fully, a
world-writable
PID file is probably not a good thing.. even if the daemon is running as
the user id
checking mail.. Perhaps someone with more time can check into it.

Please forgive me if this message is completely unwarranted. No flames,
please.

-----
+OK localhost POP3 3.3(36) w/IMAP client (Report problems in this server
to MRC@CAC.Washington.EDU) at Mon, 14 Jul 1997 11:48:11 -0500 (CDT)

user alex
+OK User name accepted, password please
pass password
+OK Mailbox open, 11 messages

ls -al /tmp/.802.2788e
-rw-rw-rw- 1 alex alex 5 Jul 14 11:51 /tmp/.802.2788e

[notalex@localhost /tmp]$ whoami
notalex

[notalex@localhost /tmp]$ ps -aux|grep pop
alex 11857 0.9 1.3 1240 884 ? S 12:16 0:00 ipop3d
[notalex@localhost /tmp]$ cat /tmp/.802.2788e
11857

[notalex@lcoalhost /tmp]$ echo 11629 > /tmp/.802.2788e
[notalex@localhost /tmp]$ cat /tmp/.802.2788e
11629

[notalex@localhost /tmp]$ uname -a ; cat /etc/redhat-release; rpm -q
imap
Linux localhost 2.0.30 #1 Mon Jun 23 16:19:33 CDT 1997 i586 unknown
release 4.2 (Biltmore)
imap-4.1.BETA-5

Next message: James Crawford Ralston: "Re: Vulnerability in Glimpse HTTP"
Previous message: Gene Spafford: "Re: Book on web security"