3571e53040
patches for easier mirroring, to eliminate a special copy, to make www.freebsd.org/security a full copy of security.freebsd.org and be eventually be the same. For now files are just sitting there. The symlinks are missing. Discussed on: www (repository location) Discussed with: simon (so)
76 lines
2.7 KiB
Text
76 lines
2.7 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
|
|
=============================================================================
|
|
FreeBSD-SA-00:28 Security Advisory
|
|
FreeBSD, Inc.
|
|
|
|
Topic: majordomo is not safe to run on multi-user machines
|
|
|
|
Category: ports
|
|
Module: majordomo
|
|
Announced: 2000-07-05
|
|
Affects: Ports collection.
|
|
Corrected: See below
|
|
Vendor status: Problem documented
|
|
FreeBSD only: NO
|
|
|
|
I. Background
|
|
|
|
Majordomo is a popular mailing-list manager.
|
|
|
|
II. Problem Description
|
|
|
|
Majordomo contains a number of perl scripts which are executed by a
|
|
setuid wrapper for providing mailing-list management
|
|
functionality. However there are numerous weaknesses in these scripts
|
|
which allow unprivileged users to run arbitrary commands as the
|
|
majordomo user, as well as obtaining read and write access to the
|
|
mailing list data.
|
|
|
|
The majordomo port is not installed by default, nor is it "part of
|
|
FreeBSD" as such: it is part of the FreeBSD ports collection, which
|
|
contains over 3400 third-party applications in a ready-to-install
|
|
format.
|
|
|
|
FreeBSD makes no claim about the security of these third-party
|
|
applications, although an effort is underway to provide a security
|
|
audit of the most security-critical ports.
|
|
|
|
III. Impact
|
|
|
|
Unprivileged local users can run commands as the 'majordomo' user,
|
|
including accessing and modifying mailing-list subscription data.
|
|
|
|
If you have not chosen to install the majordomo port/package, then
|
|
your system is not vulnerable to this problem.
|
|
|
|
IV. Workaround
|
|
|
|
Deinstall the majordomo port/package, if you you have installed it, or
|
|
limit the permissions of the majordomo/ directory and/or its contents
|
|
appropriately (see below).
|
|
|
|
V. Solution
|
|
|
|
Since the vendor has chosen not to fix the various security holes in
|
|
the default installation of majordomo, there is no simple solution. It
|
|
may be possible to adequately secure the majordomo installation while
|
|
retaining required functionality, by tightening the permissions on the
|
|
/usr/local/majordomo directory and/or its contents, but these actions
|
|
are not taken by the FreeBSD port and are beyond the scope of this
|
|
advisory.
|
|
|
|
Instead we recommend that majordomo not be used on a system which
|
|
contains untrusted users, or an alternative mailing-list manager be
|
|
used. There are several such utilities in the FreeBSD ports
|
|
collection.
|
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: 2.6.2
|
|
|
|
iQCVAwUBOWGsGFUuHi5z0oilAQFUtgP9Gwb/h0AFJB8RH9LkE3zlmaTfePGGnIgk
|
|
/SBux8RBiwPnEw4M25mZt26eV6Bd/MIdN8Gnb7q551TD8nrZu0N6//vi5w8uM5/l
|
|
itRXtnE4FfqERWOTOt25b8N0kCtqESqGMPMyA1m1x+7wFHpq1B69gsQl8MbohUr5
|
|
NlLkkEu6AQI=
|
|
=EkWc
|
|
-----END PGP SIGNATURE-----
|