|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: (debian) Re: suidperl; more
From: Alexander Oelzant (aoe
OEH.NET)Date: Tue Aug 08 2000 - 08:03:33 CDT
- Next message: Matt Power: "OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow"
- Previous message: Matthew Kirkwood: "Re: sperl 5.00503 (and newer ;) exploit"
- In reply to: Sebastian: "re, suidperl; more"
- Next in thread: Dunker, Noah: "Re: (debian) Re: suidperl; more"
- Reply: Alexander Oelzant: "(debian) Re: suidperl; more"
- Reply: Dunker, Noah: "Re: (debian) Re: suidperl; more"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, Aug 07, 2000 at 06:07:57PM +0200, Sebastian wrote:
> So far, there are more security-releated apps which use /bin/mail
> for logging
Debian again proves to be highly security-aware: it does not even
have a /bin/mail and is thus safe from this very attack. Of course,
using /usr/bin/mail works fine, so any applications where /bin/mail
was not hardcoded would be affected.
hth
Alexander
-- Alexander Oelzant alexander
- Next message: Matt Power: "OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow"
- Previous message: Matthew Kirkwood: "Re: sperl 5.00503 (and newer ;) exploit"
- In reply to: Sebastian: "re, suidperl; more"
- Next in thread: Dunker, Noah: "Re: (debian) Re: suidperl; more"
- Reply: Alexander Oelzant: "(debian) Re: suidperl; more"
- Reply: Dunker, Noah: "Re: (debian) Re: suidperl; more"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]