usa@portia.Stanford.EDU (Nan Wu) (09/22/90)
I am posting this for a friend who cannot send mails because the system manager doesn't want people to read messages and thus has disabled the Berkeley "mail" program. However, the sendmail daemon is still running. His question is: can he get the source code for the "mail" program so that he can at least send out messages through sendmail daemon? The machine he is on is a Dec-station 3100 running Ultrix. He'll appreciate any pointers. Please e-mail to this account. Thanks!
rickert@mp.cs.niu.edu (Neil Rickert) (09/22/90)
In article <1990Sep21.171510.3817@portia.Stanford.EDU> usa@portia.Stanford.EDU (Nan Wu) writes: >I am posting this for a friend who cannot send mails because the system >manager doesn't want people to read messages and thus has disabled the >Berkeley "mail" program. However, the sendmail daemon is still running. >His question is: can he get the source code for the "mail" program so >that he can at least send out messages through sendmail daemon? The >machine he is on is a Dec-station 3100 running Ultrix. He'll appreciate >any pointers. Please e-mail to this account. Thanks! 1. Are you asking us to tell you how to bypass security and do an and run around the system manager? No way. Asking is ethically questionable. 2. It the manager wants to restrict users, he has two choices: (a) Pull the plug. (b) Start using a different operating system. Unix wasn't designed for these restrictions. For example if the Berkeley "mail" program you are referring to is /usr/ucb/Mail, all it does is provide a tolerably friendly front end to do things you could perfectly well do with a text editor. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Science <rickert@cs.niu.edu> Northern Illinois Univ. DeKalb, IL 60115. +1-815-753-6940
jgd@rsiatl.UUCP (John G. DeArmond) (09/22/90)
rickert@mp.cs.niu.edu (Neil Rickert) writes: > 1. Are you asking us to tell you how to bypass security and > do an and run around the system manager? No way. Asking > is ethically questionable. There's always one of these on the net, isn't there? A cop wannabe. *sigh* >In article <1990Sep21.171510.3817@portia.Stanford.EDU> usa@portia.Stanford.EDU (Nan Wu) writes: >I am posting this for a friend who cannot send mails because the system >manager doesn't want people to read messages and thus has disabled the >Berkeley "mail" program. However, the sendmail daemon is still running. >His question is: can he get the source code for the "mail" program so >that he can at least send out messages through sendmail daemon? The >machine he is on is a Dec-station 3100 running Ultrix. He'll appreciate >any pointers. Please e-mail to this account. Thanks! I'll give you a straight answer because not only do I realize that security by obscurity is no security at all but also because I realize that many sysadms are not in the chain of command and end up being pricks just to show that they can. I looked through my archives and found at least half a dozen mail agents. From BSD, there is ucb mail and the sendmail daemon. Then there are ELM, MUSH, and ACS among others. These are available from UUNET and/or the BSD distribution. If you or your friend looks on UUNET, prowl around ~ftp/bsd-sources/src/Mail or thereabouts. If all else fails, contact me by email and we can arrange a media exchange. John -- John De Armond, WD4OQC | We can no more blame our loss of freedom on congress Radiation Systems, Inc. | than we can prostitution on pimps. Both simply Atlanta, Ga | provide broker services for their customers. {emory,uunet}!rsiatl!jgd| - Dr. W Williams | **I am the NRA**
ahd@clutx.clarkson.edu (Drew Derbyshire,,,6176413739) (09/23/90)
>>In article <1990Sep21.171510.3817@portia.Stanford.EDU> usa@portia.Stanford.EDU (Nan Wu) writes: >>I am posting this for a friend who cannot send mails because the system >>manager doesn't want people to read messages and thus has disabled the >>Berkeley "mail" program. However, the sendmail daemon is still running. >>His question is: can he get the source code for the "mail" program so >>that he can at least send out messages through sendmail daemon? The >>machine he is on is a Dec-station 3100 running Ultrix. He'll appreciate >>any pointers. Please e-mail to this account. Thanks! > > I'll give you a straight answer because not only do I realize that > security by obscurity is no security at all but also because I realize > that many sysadms are not in the chain of command and end up being pricks > just to show that they can. The correct question to ask is WHY doesn't the sysadmin want people reading mail. Some reasons can be changed, and some reasons you cannot beat with a new mail program (such as he never configured the sendmail.cf properly). The correct action is not to install your own mailer, but rather get policy (or the sysadmin) changed. This is not for ethical reasons, but rather, the simple reason if the sysadmin catches the user doing an end run all hell will break looose. For those who live to beat the Sysadmin, however, try: ln -s /usr/lib/sendmail mail ./mail If the sysadmin forgot to lock up sendmail itself, and only locked the "mail" link to the sendmail program, creating and invoking your own soft link to it will cause it to run in a mode you send mail from. Of course, delete the link when done to reduce the chances of the aforementioned all hell breaking loose. This approach, if it works, is "somewhat" faster than transferring the source for sendmail halfway across the known universe and recompiling. :-)
rickert@mp.cs.niu.edu (Neil Rickert) (09/23/90)
In article <1990Sep22.231012.25710@news.clarkson.edu> ahd@clutx.clarkson.edu writes: >For those who live to beat the Sysadmin, however, try: > > ln -s /usr/lib/sendmail mail > ./mail > Please don't try this, folks. It won't work, and will only frustrate you and you system administrator. For those who are still confused, 'mail' (whether /usr/ucb/Mail or /bin/mail) is a user mail agent. 'sendmail' is a mail transfer agent. What 'Mail' does is add necessary headers, then invoke 'sendmail' to transfer the mail. There is nothing that 'Mail' does which cannot be done with a simple text editor, perhaps followed by file indirection to get the mail to 'sendmail'. The originator of this news series would be better advised to learn to do this with an editor, and forget about sources. Why go to a lot of trouble compiling sources, leave information around on your directory that a nasty sysadmin can use to blame you for circumventing his rules, etc, when 'vi' can do the job. Moreover, if the sysadmin really knows his job, he has also disabled some 'suid' programs which you cannot do without, and which having access to public sources won't help unless you can become root. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Science <rickert@cs.niu.edu> Northern Illinois Univ. DeKalb, IL 60115. +1-815-753-6940
jsd@GAFFA.MIT.EDU (the leather creaks and the god speaks) (09/23/90)
In article <4072@rsiatl.UUCP> jgd@rsiatl.UUCP (John G. DeArmond) writes: >>In article <1990Sep21.171510.3817@portia.Stanford.EDU> usa@portia.Stanford.EDU (Nan Wu) writes: >>I am posting this for a friend who cannot send mails because the system >>manager doesn't want people to read messages and thus has disabled the >>Berkeley "mail" program. However, the sendmail daemon is still running. > >I'll give you a straight answer because not only do I realize that >security by obscurity is no security at all but also because I realize >that many sysadms are not in the chain of command and end up being pricks >just to show that they can. Cheers, John. Thumbs up. To answer the original question - it is important to know if you can still run the program sendmail. As long as you can execute that, then you are all set. All that mail does is give you a nice front end. Compose a text file in appropriate RFC-822 format and send it straight into sendmail, with the -t option (which will cause sendmail to scan the file for recipients). In fact, this message is being posted via a small script I wrote that adds a few header lines and sends a file to the netnews posting agent. For some reason, the posting software around MIT can take up to five minutes to do its work. I found that rather obstructive. +---------------------- Is there any ESCAPE from NOISE? ---------------------+ | | |\ | jsd@gaffa.mit.edu | ZIK ZAK - We make everything you need, | | \|on |/rukman | -Fight The Power- | and you need everything we make. | +----------------------------------------------------------------------------+
mjr@hussar.dco.dec.com (Marcus J. Ranum) (09/24/90)
>I am posting this for a friend who cannot send mails because the system >manager doesn't want people to read messages and thus has disabled the >Berkeley "mail" program. However, the sendmail daemon is still running. This is bogus. Simply talk directly to sendmail, EG: /usr/lib/sendmail -v user type your message, and hit control-D. Wrap it in a shell script that calls an editor and feed the results to sendmail. If the machine is networked, he can always talk to the sendmail demons on other machines manually - or to the local one. That is left as an exercise to the reader. mjr.