From owner-freebsd-security  Wed Nov 18 08:45:19 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA28933
          for freebsd-security-outgoing; Wed, 18 Nov 1998 08:45:19 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from dfw.nationwide.net (dfw.nationwide.net [198.175.15.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA28928
          for <security@freebsd.org>; Wed, 18 Nov 1998 08:45:17 -0800 (PST)
          (envelope-from aleph1@dfw.net)
Received: from localhost (aleph1@localhost)
	by dfw.nationwide.net (8.9.0/8.9.0) with SMTP id KAA12536;
	Wed, 18 Nov 1998 10:41:08 -0600 (CST)
Date: Wed, 18 Nov 1998 10:41:08 -0600 (CST)
From: Aleph One <aleph1@dfw.net>
X-Sender: aleph1@dfw.nationwide.net
To: "David G. Andersen" <danderse@cs.utah.edu>
cc: wuebben@kde.org, cert@cert.org, security@FreeBSD.ORG
Subject: Re: KDE kppp and klock have serious security flaws
In-Reply-To: <13906.59901.91263.217800@torrey.cs.utah.edu>
Message-ID: <Pine.SUN.4.01.9811181039481.2797-100000@dfw.nationwide.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Roger that. Due note I approved a message earlier today that hints to the
fact that a binary program cannot securely find out where its binary is
located at. Any person should be able to figure out the KHOME exploit in a
snap with that hint.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message