Date: Wed, 23 Oct 1996 19:58:29 -0700 From: obrien@NUXI.cs.ucdavis.edu (David E. O'Brien) To: freebsd-ports@FreeBSD.ORG Subject: Re: ports/1792: new port, splitvt Message-ID: <199610240258.TAA15205@relay.nuxi.com> In-Reply-To: <199610230933.LAA18519@keltia.freenix.fr>; from Ollivier Robert on Oct 23, 1996 11:33:36 %2B0200 References: <199610222106.OAA27196@dog.farm.org> <199610230345.UAA10803@relay.nuxi.com> <199610230933.LAA18519@keltia.freenix.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Ollivier Robert writes: > > Beware that splitvt was the target for a CERT advisory because one of the > version had a security hole you could drive a PPro running Linux through > (splitvt originated on Linux). > > The latest version has this fixed but we probably should read the code > carefully as it has to be setuid root... It is still useful w/o setuid root: relay:~> ll /usr/local/bin/splitvt -r-xr-xr-x 1 bin bin 40960 Oct 13 18:02 /usr/local/bin/splitvt* Because of the Cert advisory, I explicitly didn't make this setuid root. I may change that after sitting down with the Author (he is an undergrad in my department) and going over the code. -- -- David (obrien@cs.ucdavis.edu)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610240258.TAA15205>