Bugtraq mailing list archives
Re: procmail
From: jlewis () inorganic5 fdt net (Jon Lewis)
Date: Tue, 6 Aug 1996 17:11:33 -0400
On Tue, 6 Aug 1996, Adam Shostack wrote:
Such bugs might exist in a users .procmailrc, based on bad programming. Procmail is after all, a language for mail processing. People can do dumb things with it. I'd be suprised to see a bug in the procmail program that would open an xterm, but I've been suprised before. ;)
I emailed the author of procmail about this...and he guesses that the poster meant that you could break into your own account by running an xterm in your .procmailrc on a system where you normally would have email only and not shell access. This would be much more a system admin problem than procmail problem. ------------------------------------------------------------------ Jon Lewis | Mime attachments are OK jlewis () inorganic5 fdt net | But please ask before sending http://inorganic5.fdt.net | unsolicited huge files. ________Finger jlewis () inorganic5 fdt net for PGP public key_______
Current thread:
- Re: Exploiting Zolaris 2.4 ?? :) Leif Hedstrom (Aug 04)
- <Possible follow-ups>
- Re: Exploiting Zolaris 2.4 ?? :) Fletch (Aug 04)
- Re: your mail Greg Woods (Aug 05)
- Re: your mail neill (Aug 05)
- PAM login programs? Josh Wilmes (Aug 05)
- procmail DANIEL .D .EZEKIEL (Aug 05)
- (Fwd) CERT Advisory CA-96.17 - Vulnerability in Solaris vold Hubert Feyrer (Aug 06)
- Re: procmail Adam Shostack (Aug 06)
- Re: procmail Jon Lewis (Aug 06)
- Re: procmail Neil Soveran-Charley (Aug 06)
- Re: procmail James Wang (Aug 06)
- Re: procmail Kari E. Hurtta (Aug 06)
- Re: procmail Ficus Kirkpatrick (Aug 07)
- Re: procmail Melody Lynn Yoon (Aug 07)
- Re: your mail Greg Woods (Aug 05)
- Re: PAM login programs? Marek Michalkiewicz (Aug 06)
- Re: PAM login programs? Arthur Donkers (Aug 06)