Subject: Re: localhost security hole
To: None <email@example.com>
From: David Porowski <firstname.lastname@example.org>
Date: 06/28/2003 23:20:53
Sorry to be a "butinski", but I feel compelled to reply
to this thread. As a user who is frequently "untethered",
(laptop) and also security conscience, I would consider the
1) never run sendmail as a daemon
2) never run sendmail as suid root
3) always configure nsswitch as: hosts: files dns
4) always chmod /etc/hosts as 0666
5) always use 127.0.0.1 localhost.domain localhost
IMHO, root mail should, by default, only go to the
local machine. Any management changes for network
mail collection can always be scp pushed to these
machines. DNS can be spoofed, and your first line
of defense is what you have the closest control of.
I have been a bit busy to step up to 1.6 (now 1.6.1?),
and so cannot comment on what sysinst currently can
or cannot do. I can comment however on sendmail: it
is the grandfather of all mail programs, and carries
some interesting (and arcane) baggage. Perhaps it is
time to offer an alternative mail program, like qmail.
Just my $00.02 worth.
David Porowski email@example.com
Rick Kelly wrote:
> Andrew Brown said:
> >sendmail knows to deliver to "localhost". it looks up "localhost" and
> >finds 127.0.0.1. when it attempts delivery there, it also looks up
> >220.127.116.11.in-addr.arpa so that it can put a canonicalized name in the
> >logs. in your case, that maps to "localhost.citi.umich.edu". you
> >need to fix that, but i don't believe it's a problem.
> Or to put it a little differently. If you don't have a localhost zone
> in your DNS configuration, then your DNS is broken.
> Rick Kelly firstname.lastname@example.org www.rmkhome.com