Finding sendmail during configure (was: [INN-COMMITTERS] ...)
Russ Allbery
rra at stanford.edu
Tue Sep  2 18:09:59 UTC 2003

Forrest J Cavalier <mibsoft at epix.net> writes:

> I believe remote attackers have control over what INN passes to
> sendmail, including some control over message headers.  Couple this with
> sendmail bugs, and someone could own a lot (admittedly not all...depends
> on configuration) of Usenet servers, by posting a newgroup message.

I'm not seeing where control messages offer any control over anything
other than the sanitized message body, apart from some extremely
well-checked data that goes into the Subject line.

Moderated group submissions are probably more of the issue.  But I don't
see how specifying the location of sendmail actually helps this any.

> If people are complaining about this, too bad.  If sendmail had a
> different history, I would agree that this could be auto-selected.  But
> that is not the world we live in.

The fact remains that this is what every other package does, and this is
what people expect.  Including myself.

> But I recognize that there are differences of opinion here.  I am not
> going to sulk due to this change, but I think it is a mistake and
> unnecessary risk.  I think it is GOOD that INN does not always do what
> other packages do when installing.

Wow, that's a pretty major difference of opinion... I consider it to
almost always be a bug.  (It's not installing so much as configuring in
this particular instance.)

But I'd love to hear other opinions....

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
    Please send questions to the list rather than mailing me directly.
     <http://www.eyrie.org/~eagle/faqs/questions.html> explains why.