Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1994: Re: coredumps on setuid programs.

Re: coredumps on setuid programs.

George Boyce (georgecsteam.com)
Fri, 22 Jul 1994 13:37:10 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Karyn Pichnarczyk: "Re: yes, there's another hole in BIND"
Previous message: pluvius: "Re: Sending escape sequences to xterms via wall/talk"
In reply to: ddzehrtelecom.ksu.edu: "coredumps on setuid programs."
Next in thread: Andrew Beckett: "Re: coredumps on setuid programs."

> >From the man page:

Isn't quoting documentation on a bug mailing list like, um, trusting
that there aren't bugs in the first place? I mean the vendors ship
systems which allow worldwide root access. How do you know some hacker
didn't *write* the man page you are reading...

I always wanted to ship a security patch to 100 random companies and
see how many sites would install it. Just make it look official and...

George
--
George R. Boyce, President, The Computing Support Team, Inc.
315-453-2035, FAX: 315-453-2395, georgecsteam.com, http://gems.com/
200 Elwood Davis Rd, Suite 102, Liverpool NY, 13088

Next message: Karyn Pichnarczyk: "Re: yes, there's another hole in BIND"
Previous message: pluvius: "Re: Sending escape sequences to xterms via wall/talk"
In reply to: ddzehrtelecom.ksu.edu: "coredumps on setuid programs."
Next in thread: Andrew Beckett: "Re: coredumps on setuid programs."