[Simon Walter] Bug#506353: mailscanner: many scripts allow local users to overwrite arbitrary files, and more, via symlink attacks

Glenn Steen glenn.steen at gmail.com
Thu Dec 4 12:29:44 GMT 2008

2008/12/4  <simon.walter at hp-factory.de>:
>> Simon Walter wrote on Wed, 03 Dec 2008 23:46:46 +0100:
>>> MX invalid
>>> I don't know what's causing this...
>> The answer is here. Your MX is a CNAME.
> which points to an A record...
> ... like CNAMEs are dangerous.
So ...? They aren't allowed for MXs.
One could likely say pretty much the same about the "scary
tmp/symlink" things:-). One thing to note... If you run something that
don't run as root, the vulnerability is more or less completely
nullified. So we PF users are safe from our users, AFAICS:-).
Or was there more to the attack vector than that?

> Thanks for the information. I'll tell the server-admin. Perhaps he will
> change it.

-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se

More information about the MailScanner mailing list