Date: Mon, 24 Feb 1997 11:34:23 -0700 From: Dave Andersen <angio@aros.net> To: Nik Clayton <nik@blueberry.co.uk> Cc: questions@freebsd.org Subject: Re: Netscape static binaries - security hole? Message-ID: <199702241834.LAA27569@fluffy.aros.net> In-Reply-To: Your message of "Sat, 22 Feb 1997 22:41:56 GMT." <19970222224156.22114@coconut.blueberry.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
You run netscape setuid? (%!?) If you do, you have far larger worries than
the setlocale() bug. :> Don't run it setuid, and then don't worry about it.
-Dave
> I'm working my way through my recently-upgraded-to-2.1.7 system, recompiling
> all the static binaries, when I come across the Netscape browser, which
> is (naturally) statically linked.
>
> Does anyone know if this (and other binaries running under BSDI
> compatability) are vulnerable to the setlocale() hole?
>
> Cheers,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702241834.LAA27569>