From owner-freebsd-security  Fri Sep 11 12:44:00 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id MAA25455
          for freebsd-security-outgoing; Fri, 11 Sep 1998 12:44:00 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from alpha.sea-to-sky.net (alpha.sea-to-sky.net [204.244.200.240])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA25404
          for <security@FreeBSD.ORG>; Fri, 11 Sep 1998 12:43:39 -0700 (PDT)
          (envelope-from sreid@alpha.sea-to-sky.net)
Received: (from sreid@localhost)
	by alpha.sea-to-sky.net (8.9.1a/8.8.7) id MAA09852;
	Fri, 11 Sep 1998 12:41:20 -0700
Date: Fri, 11 Sep 1998 12:41:19 -0700 (PDT)
From: Steve Reid <sreid@alpha.sea-to-sky.net>
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
cc: security@FreeBSD.ORG
Subject: Re: cat exploit 
In-Reply-To: <18171.905461424@time.cdrom.com>
Message-ID: <Pine.LNX.3.95.iB1.0.980911122720.9437B-100000@alpha.sea-to-sky.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 10 Sep 1998, Jordan K. Hubbard wrote:
> Again, what I actually said was "don't blindly cat it to your screen"
> which is a perfectly valid point.  If you want something which
> protects you, use more or less as many others have suggested. 

Are ftp, telnet, rlogin, rsh, and ssh safe? What about pine, elm, mutt,
mh, biff, etc? 

Does every program that displays data from an untrusted system have the
necessary protections against terminal bombs?



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message