Date: Tue, 2 May 2000 14:39:15 +0100 From: Joe Karthauser <joe@pavilion.net> To: Robert Watson <rwatson@freebsd.org> Cc: Mike Heffner <spock@techfour.net>, FreeBSD-audit <FreeBSD-audit@freebsd.org> Subject: Re: three small patches - oflows Message-ID: <20000502143915.G3433@pavilion.net> In-Reply-To: <Pine.NEB.3.96L.1000501104321.11476C-100000@fledge.watson.org>; from rwatson@freebsd.org on Mon, May 01, 2000 at 10:44:54AM -0400 References: <20000429141039.A48739@pavilion.net> <Pine.NEB.3.96L.1000501104321.11476C-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 01, 2000 at 10:44:54AM -0400, Robert Watson wrote: > > I noticed a bunch of commits go in labeled, ``fix buffer overflow'' -- any > chance you could include a note indicating whether or not they represent a > security hole in the base configuration/etc? I.e., the natd buffer > overflow does not present a security risk (that I'm aware of) as it's not > setugid, and when it does run with privilege only the caller can specify > the arguments? I'll do that in future commits, and when I MFC these later. Joe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000502143915.G3433>