On Tue, 19 Aug 2008, Wietse Venema wrote:
> Matthias Andree:
> > If Postfix (or qmail[1], or whatever application) claims to support a
> > particular operating system (Linux, Solaris - rather than POSIX), then
> > it has to make proper assumptions to work in that possibly different
> > environment
Matthias Andree:
> If Postfix (or qmail[1], or whatever application) claims to support a
> particular operating system (Linux, Solaris - rather than POSIX), then
> it has to make proper assumptions to work in that possibly different
> environment that Postfix claims to support, rather than blame th
Udo Rader <[EMAIL PROTECTED]> writes:
> Wietse Venema wrote:
>> Summary: Solaris and Linux file system behavior has changed over
>> time, breaking one of the assumptions in Postfix. See below for a
>> description of the behavior and how it disagrees with standards.
>>
>> Postfix is not affected o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wietse Venema wrote:
> Summary: Solaris and Linux file system behavior has changed over
> time, breaking one of the assumptions in Postfix. See below for a
> description of the behavior and how it disagrees with standards.
>
> Postfix is not affected
stfix local privilege escalation via hardlinked symlinks
=
Sebastian Krahmer of SuSE has found a privilege escalation problem.
On some systems an attacker can hardlink a root-owned symlink to
for example /var/mail, and cause Postfix to a
