[Mimedefang] Re: Issues with porting MIMEDefang to another MTA

Jeremy Mates jmates at sial.org
Tue Apr 1 11:19:01 EST 2003


* Stephane Lentz <Stephane.Lentz at ansf.alcatel.fr>
> Some OpenBSD user counts it :
> <<
> So, in total we have seven bugs: one non-exploitable, four local root,
> and two remote root
> >>

OpenBSD users have systrace, and ProPolice in the compiler for the 3.3
release.  These drop the odds of exploitation of any of those bugs,
requiring a bug in Sendmail and also a means for the attacker to escape
the ProPolice guards and systrace policies.

Gentoo Linux has done some work on implementing ProPolice; not sure how
other unix vendors stand with regard to such protections.



More information about the MIMEDefang mailing list