From owner-freebsd-security  Thu Sep 10 18:29:27 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id SAA15932
          for freebsd-security-outgoing; Thu, 10 Sep 1998 18:29:27 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from ns.mt.sri.com (sri-gw.MT.net [206.127.105.141])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA15922
          for <security@FreeBSD.ORG>; Thu, 10 Sep 1998 18:29:25 -0700 (PDT)
          (envelope-from nate@mt.sri.com)
Received: from mt.sri.com (rocky.mt.sri.com [206.127.76.100])
	by ns.mt.sri.com (8.8.8/8.8.8) with SMTP id TAA08422;
	Thu, 10 Sep 1998 19:26:16 -0600 (MDT)
	(envelope-from nate@rocky.mt.sri.com)
Received: by mt.sri.com (SMI-8.6/SMI-SVR4)
	id TAA02455; Thu, 10 Sep 1998 19:25:46 -0600
Date: Thu, 10 Sep 1998 19:25:46 -0600
Message-Id: <199809110125.TAA02455@mt.sri.com>
From: Nate Williams <nate@mt.sri.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: Aleph One <aleph1@dfw.net>
Cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>,
        Michael Richards <026809r@dragon.acadiau.ca>, security@FreeBSD.ORG
Subject: Re: cat exploit 
In-Reply-To: <Pine.SUN.4.01.9809101623240.13293-100000@dfw.nationwide.net>
References: <18171.905461424@time.cdrom.com>
	<Pine.SUN.4.01.9809101623240.13293-100000@dfw.nationwide.net>
X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Because its non-intuitive. How many end users are going to know that
> simply cat'ing a file is dangerous? 

End users shouldn't be catting other peoples files, and certainly anyone
running as root should know better.

If you're stupid, nothing will stop you from hurting yourself.


Nate

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message