From: hal King (hckUTK.EDU)
Date: Fri Feb 16 2001 - 11:23:17 CST


    In a recent Sun patch (106439-07) the following text appears:
    -----------------------------------------------------------------------
    NOTE 3:
    The fix for bug 4353901 fully allows forwarding of messages which
    contain characters defined in the system default locale. Care should
    be taken to ensure that each window displaying messages forwarded by
    syslogd (especially console windows) is run in the system default locale
    (which is syslogd's locale). If this advice is not followed, it may be
    possible for a syslog message to alter the terminal settings for
    that window, possibly even allowing remote execution of arbitrary
    commands from that window
    -----------------------------------------------------------------------

    I don't know how likely this might be, but I thought I'd send it along to see
    if anyone could find a way that it might be a real problem. At least don't
    use a term with root privs to monitor log files. Just to be safe.

    --
    

    hal king Unix System Group pgp key http://web.utk.edu/~hck/hal.asc No hot dog, email.
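
An added example, not part of the original post or of Sun's patch: a display filter that makes control bytes in forwarded syslog lines visible instead of letting the terminal act on them. The function name, the sample log lines and the caret and `\xNN` notation are assumptions chosen for illustration; the sample lines are constructed.

```python
import sys
import unicodedata

# Constructed sample lines (not real log data). The second carries C0
# controls (ESC, BEL); the third carries 0x9b, which is a one-byte control
# (CSI) on an 8-bit terminal, next to a Latin-1 letter.
SAMPLE = [
    b"Feb 16 11:23:17 host sshd[101]: connection from 192.0.2.7",
    b"Feb 16 11:23:18 host app[102]: user=\x1b]0;title\x07 login failed",
    b"Feb 16 11:23:19 host app[102]: note \x9b2J caf\xe9",
]


def sanitize(raw: bytes, encoding: str = "utf-8") -> str:
    """Decode one log line and replace every control character with text.

    Bytes that are invalid in `encoding` come out as a literal \\xNN, so
    nothing reaches the terminal undecoded.
    """
    text = raw.decode(encoding, errors="backslashreplace")
    out = []
    for ch in text:
        cp = ord(ch)
        if ch == "\t" or unicodedata.category(ch) != "Cc":
            out.append(ch)                    # printable text, kept as is
        elif cp < 0x20:
            out.append("^" + chr(cp + 0x40))  # C0 control: ESC becomes ^[
        elif cp == 0x7F:
            out.append("^?")                  # DEL
        else:
            out.append("\\x%02x" % cp)        # C1 control: U+0080..U+009F
    return "".join(out)


def main() -> None:
    # Filter mode: read raw bytes on stdin, write neutralised lines.
    # The optional first argument is the encoding the messages were written in.
    encoding = sys.argv[1] if len(sys.argv) > 1 else "utf-8"
    for line in sys.stdin.buffer:
        print(sanitize(line.rstrip(b"\r\n"), encoding), flush=True)


if __name__ == "__main__":
    main()
```

Saved under a name of your choosing, it sits between the log source and the terminal, for example at the end of a `tail -f` pipeline, with the syslogd host's encoding passed as the argument.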