From owner-freebsd-security Tue Oct 24 15:42:35 1995 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id PAA08759 for security-outgoing; Tue, 24 Oct 1995 15:42:35 -0700 Received: from Root.COM (implode.Root.COM [198.145.90.17]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id PAA08748 for ; Tue, 24 Oct 1995 15:42:29 -0700 Received: from corbin.Root.COM (corbin [198.145.90.50]) by Root.COM (8.6.12/8.6.5) with ESMTP id PAA06756; Tue, 24 Oct 1995 15:42:26 -0700 Received: from localhost (localhost [127.0.0.1]) by corbin.Root.COM (8.6.12/8.6.5) with SMTP id PAA27570; Tue, 24 Oct 1995 15:38:23 -0700 Message-Id: <199510242238.PAA27570@corbin.Root.COM> To: Dataradio sysadmin cc: "David A. Borman" , hartmans@mit.edu, security@freebsd.org Subject: Re: telnetd fix In-reply-to: Your message of "Tue, 24 Oct 95 11:51:27 EDT." From: David Greenman Reply-To: davidg@Root.COM Date: Tue, 24 Oct 1995 15:38:17 -0700 Sender: owner-security@freebsd.org Precedence: bulk >On Tue, 24 Oct 1995, David A. Borman wrote: > >> >> > Hi; I've been thinking about the telnetd security patch that was recently >> > sent out. I've been watching the list of "vulnerable" environment variables >> > grow daily...I really think that excluding certain environment variables is the >> > wrong approach to solving the problem. I think it is is much wiser to do an > >[snip] > >Have I missed something here? > >Why not just compile telnetd / login as a statically linked programs, and >voila, no worry about possibly switching libc under their noses. Because the standard libc in most systems also access certain environment variables that may be used to alter the behavior of telnetd and/or login(1). In other words: the list of vulnerable systems is likely much longer than is suggested in the announcement. -DG