Re: security risk about eggdrop

To: Juergen Nagler <Juergen.Nagler@student.uni-ulm.de>
Cc: debian-isp@lists.debian.org
Subject: Re: security risk about eggdrop
From: Tamas TEVESZ <ice@extreme.hu>
Date: Sat, 18 Dec 1999 11:03:46 +0100 (CET)
Message-id: <[🔎] Pine.LNX.3.96.991218110135.28407C-100000@mailtrans.sote.hu>
In-reply-to: <[🔎] 385A5F76.39016568@student.uni-ulm.de>

On Fri, 17 Dec 1999, Juergen Nagler wrote:

 > some user here requested to start the IRC bot eggdrop and I'm not sure
 > if I should allow this. Do you know any security risks about it.

i wouldn't.

if you would, be sure to put it in a chrooted environment.
(most eggdrops are poorly configured, ppl w/ rights +mn have access to
.tcl commands, which means .tcl exec
eggdrop/filesystem/incoming/myexploit)

-- 
[-]
- Túlélsz, pöcök.

Reply to:

References:
- security risk about eggdrop
  - From: Juergen Nagler <Juergen.Nagler@student.uni-ulm.de>

Prev by Date: Re: Sendmail virtual domain trivia
Next by Date: Questions on a redundant mail system
Previous by thread: security risk about eggdrop
Next by thread: Maildir format and daemons
Index(es):
- Date
- Thread