From owner-freebsd-security Wed Oct 11 7:15:34 2000 Delivered-To: freebsd-security@freebsd.org Received: from envy.vuurwerk.nl (envy.vuurwerk.nl [194.178.232.112]) by hub.freebsd.org (Postfix) with SMTP id 8ED2A37B502 for ; Wed, 11 Oct 2000 07:15:30 -0700 (PDT) Received: (qmail 98782 invoked from network); 11 Oct 2000 14:15:29 -0000 Received: from kesteren.vuurwerk.nl (HELO daemon.vuurwerk.nl) (194.178.232.59) by envy.vuurwerk.nl with SMTP; 11 Oct 2000 14:15:29 -0000 Received: (nullmailer pid 52463 invoked by uid 11109); Wed, 11 Oct 2000 14:15:31 -0000 Date: Wed, 11 Oct 2000 16:15:31 +0200 From: Peter van Dijk To: freebsd-security@FreeBSD.ORG Subject: Re: ncurses buffer overflows (fwd) Message-ID: <20001011161531.C52149@vuurwerk.nl> Mail-Followup-To: Peter van Dijk , freebsd-security@FreeBSD.ORG References: <20001010214332.G25121@149.211.6.64.reflexcom.com> <20001011080628.F387D1F22@static.unixfreak.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001011080628.F387D1F22@static.unixfreak.org>; from dima@unixfreak.org on Wed, Oct 11, 2000 at 01:06:28AM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Oct 11, 2000 at 01:06:28AM -0700, Dima Dorfman wrote: [snip] > "Me too." It was my impression that the whole '#!/path/to/shell' > thing started when people expressed a desire to use csh for their > scripts, so someone hacked execve in their kernel to look for '#' as > the first byte in the file, and if it's there, execute whatever > command follows. Since not all kernels had this hack, the script > would still get executed with sh on some systems, so it was decided > that the sh comment character be used to keep the old hosts happy. It requires #!, not just #. Greetz, Peter. -- [ircoper] petervd@vuurwerk.nl - Peter van Dijk / Hardbeat [student] Undernet:#groningen/wallops | IRCnet:/#alliance [developer] EFnet:#qmail _____________ [disbeliever - the world is backwards] (__VuurWerk__(--*- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message