Bugtraq mailing list archives
Re: Claimed Postfix Vulnerabilities
From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Mon, 21 Dec 1998 15:38:51 -0500
4 - Claim: a local user can make hard links to Postfix maildrop queue files and thus prevent mail from being delivered.
Response: the mail will be delivered. When a queue file has more than one hard link, Postfix deletes the hard link, and logs a warning. When the hard link count reaches 1, Postfix delivers the mail.
This sounds as though the claim is actually true. Notice that the malicious-user-created hardlink does not have to be in the Postfix queue directory; it can be in any directory that user can write to on that filesystem. Postfix will then discard (and gripe about) all the hardlinks in its queue directory. (The user can then blow away the created link(s) and the mail will silently vanish, without, as far as I can tell, any way to trace after the fact who did it.) der Mouse mouse () rodents montreal qc ca 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Current thread:
- Claimed Postfix Vulnerabilities Wietse Venema (Dec 21)
- <Possible follow-ups>
- Re: Claimed Postfix Vulnerabilities der Mouse (Dec 21)
- Re: Claimed Postfix Vulnerabilities bobk (Dec 23)