"The recent Sendmail local root exploit must have
supporters of alternative SMTP servers chuckling. I won't be
surprised if this exploit is cited by many as another reason to
switch from Sendmail to Postfix or qmail. I don't buy those
arguments, but there are reasons for some sites to consider an
The new hole is straightforward enough: improper parameters can
be passed by local users to the debug command, which can result in
elevated privileges. This is the first serious security flaw in
Sendmail since 1997, according to reports, and as a local root
exploit it is to my mind a member of the third most serious class
of exploits. I consider both remote root and remote user exploits
to be more serious, because they subvert authentication, while
local root exploits only defeat limits on authorization.
The problem is somewhat reminiscent of the Sendmail exploit used
by the Morris worm, in that it exploits Sendmail's debug mode.
(Incidentally, my last column incorrectly identified that worm as
the first: I had intended to say only that it was the first
Internet worm. Researchers at Xerox PARC had experimented with
worms long before Robert T. Morris wrote his.)"