Date: Mon, 23 Oct 1995 20:39:09 -0600 From: Nate Williams <nate@rocky.sri.MT.net> To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> Cc: davidg@Root.COM, Nate Williams <nate@rocky.sri.MT.net>, ache@freefall.freebsd.org, freebsd-hackers@freebsd.org, John Polstra <jdp@polstra.com> Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs Message-ID: <199510240239.UAA24582@rocky.sri.MT.net> In-Reply-To: <EasY4ZmaY2@ache.dialup.demos.ru> References: <199510240141.SAA00275@corbin.Root.COM> <FaLS4ZmKU1@ache.dialup.demos.ru> <EasY4ZmaY2@ache.dialup.demos.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
> >If we try to plug all potential holes that we find, even small ones, > >probability of security violation becomes reduced. I don't plan to dam whole > >river, just plug in small leak reducing leaks number at whole. > > BTW, why you stuck on "shell scripts" only? The same hole can hits > when commands entered by hand, see my example. Let's see your example. You haven't provided one. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199510240239.UAA24582>