Date: Thu, 9 Dec 1999 23:07:02 +0300 (MSK) From: "Ilmar S. Habibulin" <ilmar@ints.ru> To: freebsd-audit@FreeBSD.ORG Cc: freebsd-security@FreeBSD.ORG Subject: question to auditors Message-ID: <Pine.BSF.4.21.9912092257170.317-100000@ws-ilmar.ints.ru> In-Reply-To: <84714733.944601517508.JavaMail.chenresig@karma>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm wondering what do you guys search in the sources. I know that there are some functions like gets(), which don't check bounds of arrays, and possible problems with setuid/setgid bits. So i have some questions like: - what is the full list of risky functions - what else could be a treat to security, integrety or functionality of some application - or where can i find full answers to my maybe stupid questions Thanx. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.9912092257170.317-100000>