[Next] [Previous] [Up] [Top] [Contents]
28.9 Security Loopholes
28.9.7 Mail
Remove the decode aliases from /etc/aliases (SunOS 4.1.X) and /etc/mail/aliases (SunOS 5.X). Should there be any other aliases that pipe programs through commands make sure that there is no way to obtain a shell or send commands to a shell from the alias. Make sure your sendmail doesn't support the debug command. Check this by telneting to your SMTP port and typing "debug".
Unix System Administration - 8 AUG 1996
[Next] [Previous] [Up] [Top] [Contents]