[INN-COMMITTERS] STABLE-2_4 inn (configure configure

Forrest J. Cavalier III mibsoft at epix.net
Tue Sep 2 17:58:57 UTC 2003


> both find and fix.  And if we're using a buggy version of sendmail, that
> really doesn't matter much, since we're only using it to send mail and our
> demands on it are pretty severely limited.
> 

I believe remote attackers have control over what INN passes to
sendmail, including some control over message headers.  Couple this
with sendmail bugs, and someone could own a lot (admittedly
not all...depends on configuration) of Usenet servers, by
posting a newgroup message.

If people are complaining about this, too bad.  If sendmail
had a different history, I would agree that this could be
auto-selected.  But that is not the world we live in.

I think installers should be required to "pick their own poison."  If
they are too stupid to find sendmail, then they shouldn't
be running a Usenet site either.

If a site has policy of "no sendmail" then they should not
have to second-guess what INN does.  INN gets installed
by root, and root's path should already be trusted.  If
sendmail isn't in there, it is for a reason.  INN should not
end-run around it.

And no, I do not think that putting MTA as the first line of
inn.conf is sufficient warning to check it.

But I recognize that there are differences of opinion here.
I am not going to sulk due to this change, but I think it
is a mistake and unnecessary risk.  I think it is GOOD
that INN does not always do what other packages do when
installing.




More information about the inn-workers mailing list