|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: pingflood.c
Theo de Raadt (deraadt
CVS.OPENBSD.ORG)Mon, 18 May 1998 12:46:16 -0600
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Andreas Jellinghaus: "Re: simple kde exploit fix"
- Previous message: Gustavo Molina: "Fake "Win98Nuke" program"
- In reply to: Aggelos P. Varvitsiotis: "Re: pingflood.c"
- Next in thread: sinsterDARKWATER.COM: "Re: pingflood.c"
> BTW, how many setuid programs are there that will catch various > signals and will behave "not-as-expected" when forked off by a > signal-bomber parent process, such as pingflood? Unlike seemingly everone else in this thread, who are very busy trying to patch ping for a problem which it is obvious many other programs in the source tree will also encounter, Aggelos has taken the first step and used started thinking about the further consequences. Yes, this is a much bigger problem. Yes, other parts of the system are also affected by this and similar problems. For all kinds of signals. For more information on how I have fixed this problem, due to a conversation with David Holland a couple months back about this basic problem, see both www.openbsd.org/security.html#23 and www.openbsd.org/errata.html#kill
- Next message: Andreas Jellinghaus: "Re: simple kde exploit fix"
- Previous message: Gustavo Molina: "Fake "Win98Nuke" program"
- In reply to: Aggelos P. Varvitsiotis: "Re: pingflood.c"
- Next in thread: sinsterDARKWATER.COM: "Re: pingflood.c"