From owner-freebsd-questions Fri Jun 27 16:18:40 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id QAA21067 for questions-outgoing; Fri, 27 Jun 1997 16:18:40 -0700 (PDT) Received: from implode.root.com (implode.root.com [198.145.90.17]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA21062 for ; Fri, 27 Jun 1997 16:18:38 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by implode.root.com (8.8.5/8.8.5) with SMTP id QAA20615; Fri, 27 Jun 1997 16:19:36 -0700 (PDT) Message-Id: <199706272319.QAA20615@implode.root.com> X-Authentication-Warning: implode.root.com: localhost [127.0.0.1] didn't use HELO protocol To: Jason Wells cc: freebsd-questions@FreeBSD.ORG Subject: Re: Jargon In-reply-to: Your message of "Fri, 27 Jun 1997 22:59:28 -0000." <3.0.2.32.19970627225928.007ed780@jcwells.deskmail.washington.edu> From: David Greenman Reply-To: dg@root.com Date: Fri, 27 Jun 1997 16:19:35 -0700 Sender: owner-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >While reading a freebsd document I came across this term which I have seen >many times and never researched. The term is "arbitrary code" and here it >is used in context. > > Due to its nature, the lpr program is setuid root. Unfortunately, > the program does not do sufficient bounds checking on arguments which > are supplied by users. As a result it is possible to overwrite the > internal stack space of the program while it's executing. This can > allow an intruder to execute **arbitrary code** by crafting a carefully > designed argument to lpr. > >TNHD does not include this definition. It means that the user can execute computer instructions of his chosing, and thus can make "lpr" do things it was never meant to do - perhaps use it to break into the system. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project