Date: Tue, 11 Aug 1998 19:38:57 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Marc Slemko <marcs@znep.com> Cc: "Mark J. Taylor" <mtaylor@cybernet.com>, freebsd-security@FreeBSD.ORG Subject: Re: Possible security "risk" in ftp client Message-ID: <199808112338.TAA14075@khavrinen.lcs.mit.edu> In-Reply-To: <Pine.GSO.4.00.9808111342100.19881-100000@redfish> References: <XFMail.980811163822.mtaylor@cybernet.com> <Pine.GSO.4.00.9808111342100.19881-100000@redfish>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Tue, 11 Aug 1998 13:44:12 -0700 (PDT), Marc Slemko <marcs@znep.com> said: > Naw, that is worse since you can just use ps to grab it; the reason it is > worse is because it tends to lead to people leaving it set when they > aren't actually using the program. I think there are good reasons (and this is one of them) to disable the environment-dumping option of ps. Unfortunately it is probably too well-entrenched to kill. I had totally forgotten about it until this discussion began. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808112338.TAA14075>