|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
a point is being missed
*Hobbit* (hobbit
avian.org)Fri, 3 Nov 1995 09:57:46 -0500
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Christopher Davis: "Re: Telnet attack on SGI"
- Previous message: Bernd Lehle: "Does the shared lib bug work on any suid program ?"
- Next in thread: Scott Barman: "Re: a point is being missed"
Why in all this telnetd flap has nobody mentioned that /bin/login should be relinked STATICALLY? That at least defers the LD_* class of problem until after login has done the setuid and exec, but still leaves things like IFS passed to scripts. Still, my own rule of thumb is that any binary that talks to the net, handles inbound connections, handles authentication, etc ... should not be depending on shared libs. It's well worth the miniscule disk space hit. Vendors, LISSEN UP. _H*
- Next message: Christopher Davis: "Re: Telnet attack on SGI"
- Previous message: Bernd Lehle: "Does the shared lib bug work on any suid program ?"
- Next in thread: Scott Barman: "Re: a point is being missed"