Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1995_3

Bugtraq archives for 3rd quarter (Jul-Aug) 1995: Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)

Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)

Casper Dik (casperHolland.Sun.COM)
Thu, 13 Jul 1995 16:43:38 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian Court: "NT sniper bug?"
Previous message: Jas: "Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)"
In reply to: Jeremy Fitzhardinge: "Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)"
Next in thread: Casper Dik: "Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)"

>> Am I correct in stating that this problem only occurs on SVR4 based unix's
>> [where /proc exists]?  Or would, say, SunOS 4.1.x be affected?
>
>This affect's Linux's /proc, but may well be an issue with SVR4's /dev/fd
>directory.  While this doesn't exist by default on SunOS 4, there is a
>commonly available kernel driver to implement it.


The /dev/fd pseudo directory gives access only to the filedescriptors
of the current process.  They don't give access to outside processes.

Casper

Next message: Brian Court: "NT sniper bug?"
Previous message: Jas: "Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)"
In reply to: Jeremy Fitzhardinge: "Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)"
Next in thread: Casper Dik: "Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)"