|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: AfterStep asfsm tmp hole
Kristofer Coward (kris
SNOW.UTORONTO.CA)Tue, 25 Aug 1998 12:40:28 -0400
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Jeff Mcadams: "Re: Serious Security Hole in Hotmail"
- Previous message: Kristofer Coward: "AfterStep asfsm tmp hole"
> > The disk usage monitor that comes with AfterStep (asfsm) overwrites > > /usr/tmp/statfs regularly as whoever launched it, allowing the typical > > symlink crap we've come to expect, including a possible DoS if run as > > root. > > Which version? Have you contacted the developers first?! 1.4.x (haven't checked 1.0, or 1.5pre). I posted to the as list before writing here, that post also told them that it would be posted here. It's a small enough bell/whistle that most of the world should be able to live without it until it's patched (not that that should take long). Kris Coward
- Next message: Jeff Mcadams: "Re: Serious Security Hole in Hotmail"
- Previous message: Kristofer Coward: "AfterStep asfsm tmp hole"