qmail
qmail-lspawn is the one and only setuid root program in the entire suite.
It does exactly two things:
  1. Change its identity to the recipient user
  2. Run qmail-local
What if someone runs qmail-lspawn manually?
  Nothing; they could get the same effect by sending email to some user.
In contrast, all of sendmail's giant, bloated, festering self runs as root.
If there is a bug in sendmail, an attacker can often get root privilege.
Copyright © 2004 M. J. Dominus