Patch-ID# 100100-01
Keywords: group access grpid
Synopsis: sendmail 5.64 + latest security fixes. 
Date: 07/30/90
 
SunOS release:  4.0.3
 
Unbundled Product: 
 
Unbundled Release:
 
Topic: 
 
BugId's fixed with this patch: 1036159

Architectures for which this patch is available: sun3 sun3x sun4 sun4c

Obsoleted by: 4.1.1

Problem Description: See bug report 1036159 for details
Has to do with a user being able to run programs with root's group privileges.

INSTALL:

AS root and for the correct archetecture/OS directory.

example: 4.0.3/sun3

cp /usr/lib/sendmail to /usr/lib/sendmail.orig
cp /usr/lib/sendmail.mx /usr/lib/sendmail.mx.orig

#copy the new version of sendmail to /usr/lib

cp sendmail /usr/lib/sendmail
cp sendmail.mx /usr/lib/sendmail.mx

chown root /usr/lib/sendmail
chown root /usr/lib/sendmail.mx
chmod 4555 /usr/lib/sendmail
chmod 4555 /usr/lib/sendmail.mx
chmod 100 /usr/lib/sendmail.mx.orig
chmod 100 /usr/lib/sendmail.orig

kill and restart sendmail and any mail utilities (mailtool)

One item worth mentioning. The 4.0.3 sendmail and sendmail.mx are a BACK-PORT of 4.1 sendmail.
This mean that the 4.1 features get picked up! So the resolver in 4.0.3 sendmail.mx needs fully qualified
names. See below for more:

One great big Caveat is that the 4.1 sendmail.mx doesn't talk to the
nameserver the way the 4.0.X version did.  In particular in some cases
the 4.0.X version would check for A,CNAME, and MX records and the
4.1 checks ONLY for CNAME records.  Customers might have the to 
publish CNAME records for their hosts OR specify fully qualified names
ending in a "." i.e. hacketorium.Eng.Sun.COM. as the host address.
 
With this in mind the 4.1 sendmail.main.cf has been provided as reference.

