diff options
| author | Kris Kennaway <kris@FreeBSD.org> | 2000-04-23 22:06:25 +0000 |
|---|---|---|
| committer | Kris Kennaway <kris@FreeBSD.org> | 2000-04-23 22:06:25 +0000 |
| commit | 66368ffe6ca571f23a73228dac73e613fc1385be (patch) | |
| tree | 9b05baf8f92a77ba2984ecf34145711a9f2e93fb | |
| parent | Upgrade to 1.0.6 (diff) | |
Note a local mailbox DoS vulnerability, advisory forthcoming.
Notes
Notes:
svn path=/head/; revision=27938
| -rw-r--r-- | mail/imap-uw/pkg-install | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/mail/imap-uw/pkg-install b/mail/imap-uw/pkg-install index 05200dccd71d..6257ca0fce8f 100644 --- a/mail/imap-uw/pkg-install +++ b/mail/imap-uw/pkg-install @@ -5,7 +5,7 @@ case $2 in POST-INSTALL) ;; PRE-INSTALL) - if dialog --yesno "This port is not safe to use on a system which does not\nprovide shell access to users who can retrieve mail via IMAP.\nimapd contains buffer overflows which a user can exploit\nafter they have logged into imap to get access to their\naccount on the machine. If your imap users have shell access\nanyway, this is not a significant vulnerability.\n\nDo you wish to proceed with the build?" 13 65 < ${TTY} >${TTY} 2>&1; then + if dialog --yesno "This port is not safe to use on a system which does not\nprovide shell access to users who can retrieve mail via IMAP.\nimapd contains buffer overflows which a user can exploit\nafter they have logged into imap to get access to their\naccount on the machine. If your imap users have shell access\nanyway, this is not a significant vulnerability.\n\nThere is also a vulnerability wherein local users can prevent\narbitrary POP2/3 mailboxes from being opened, and force IMAP\nmailboxes to only open read-only.\n\nDo you wish to proceed with the build?" 16 65 < ${TTY} >${TTY} 2>&1; then exit 0 else exit 1 |