Patch-ID# 100377-04
Keywords: matching, wildcard, sendmail, forward, uid's > 32767, security, LD_ environment variables
Synopsis: SunOS 4.1;4.1.x: Sendmail.mx doesn't recognize wildcard, forward, uid's > 32767, "LD_" environment variables can be exploited to subvert security, sendmail -t fails
Date: 5-14-92

SunOS release: 4.1, 4.1.x

Topic: sendmail wildcard fix, uid greater than 32k, environment variables

BugId's fixed with this patch: 1036159,1056203,1030087,1068637,1085853,1041284

Architectures for which this patch is available: sun3, sun4

Patches which may conflict with this patch: 100099-01 (obsoleted)

Obsoleted by:

Problem Description:

Bug ID: 1036159
---------------
A user can exploit sendmail to run programs with root's group privileges.

Bug ID: 1056203
---------------
Take for example,

    viewlogic.com.      IN MX 10 suntan.viewlogic.com.
    *.viewlogic.com.    IN MX 10 suntan.viewlogic.com.

If the system runs sendmail.mx when it comes to a site that has MX records
setup then sendmail.mx will connect back to itself. This causes an
"Internal error" message when sending mail.

Bug ID: 1030087
---------------
Synopsis: sendmail yp aliasing does not work with non sun yp masters

Bug ID: 1068637
---------------
sendmail ignores the .forward file of users with uid values over 32767

Bug ID: 1085853
---------------
security can be subverted with "LD_" environment variables

Bug ID: 1041284
---------------
Sendmail -t fails when nfs mount /var/spool/mail from mailhost

INSTALL:

Make a copy of the old files:

    mv /usr/lib/sendmail.mx /usr/lib/sendmail.mx.fcs
    mv /usr/lib/sendmail /usr/lib/sendmail.fcs

Change permissions on old files so they can't be executed:

    chmod 0400 /usr/lib/sendmail.mx.fcs /usr/lib/sendmail.fcs

Install the patched files:

    cp `arch`/sendmail /usr/lib/sendmail
    cp `arch`/sendmail.mx /usr/lib/sendmail.mx

Change the owner and file permissions of /usr/lib/sendmail and
/usr/lib/sendmail.mx to match those below:

    chown root.staff /usr/lib/sendmail.mx /usr/lib/sendmail
    chmod 4551 /usr/lib/sendmail.mx /usr/lib/sendmail

    -r-sr-x--x  1 root     staff      155648 Oct 11  1990 /usr/lib/sendmail.mx
    -r-sr-x--x  1 root     staff      139264 Oct 11  1990 /usr/lib/sendmail

Kill and restart sendmail and mailtool.
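
Added example, not part of Sun's README: a shell check that the four files ended up in the state the INSTALL steps describe (patched binaries -r-sr-x--x owned by root, group staff; the .fcs backups at mode 0400 so no setuid or execute bit remains). It assumes the POSIX `ls -l` column order (mode, links, owner, group); the script name verify.sh and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the Sun README): verify the post-install state
# that the INSTALL steps describe. Assumes POSIX `ls -l` columns.

# check_file PATH MODE [OWNER GROUP]: 0 if PATH matches, 1 otherwise.
check_file() {
    path=$1 want_mode=$2 want_owner=$3 want_group=$4
    if [ ! -f "$path" ]; then
        echo "MISSING  $path"
        return 1
    fi
    # substr() drops the ACL/SELinux marker some ls versions append.
    set -- $(ls -ld "$path" | awk '{print substr($1, 1, 10), $3, $4}')
    if [ "$1" != "$want_mode" ]; then
        echo "BADMODE  $path: $1, expected $want_mode"
        return 1
    fi
    if [ -n "$want_owner" ] && [ "$2.$3" != "$want_owner.$want_group" ]; then
        echo "BADOWNER $path: $2.$3, expected $want_owner.$want_group"
        return 1
    fi
    echo "OK       $path"
}

# verify_patch DIR OWNER GROUP: checks both binaries and both backups.
# Sets PATCH_FAILURES; returns 0 only when every check passes.
verify_patch() {
    dir=$1 owner=$2 group=$3
    PATCH_FAILURES=0
    for name in sendmail sendmail.mx; do
        # Patched binary: setuid, mode 4551, as in the README listing.
        check_file "$dir/$name" "-r-sr-x--x" "$owner" "$group" ||
            PATCH_FAILURES=$((PATCH_FAILURES + 1))
        # Old binary: mode 0400, so no setuid and no execute bits remain.
        check_file "$dir/$name.fcs" "-r--------" ||
            PATCH_FAILURES=$((PATCH_FAILURES + 1))
    done
    [ "$PATCH_FAILURES" -eq 0 ]
}

# Run as: sh verify.sh /usr/lib root staff   (verify.sh is a made-up name)
if [ "$#" -eq 3 ]; then
    verify_patch "$1" "$2" "$3"
fi
```

A BADMODE line on a .fcs file means the vulnerable original is still executable or setuid and the chmod 0400 step needs to be repeated.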