Date:      Thu, 9 Dec 1999 23:07:02 +0300 (MSK)
From:      "Ilmar S. Habibulin" <ilmar@ints.ru>
To:        freebsd-audit@FreeBSD.ORG
Cc:        freebsd-security@FreeBSD.ORG
Subject:   question to auditors
Message-ID:  <Pine.BSF.4.21.9912092257170.317-100000@ws-ilmar.ints.ru>
In-Reply-To: <84714733.944601517508.JavaMail.chenresig@karma>


I'm wondering what you guys search for in the sources. I know that there
are some functions like gets(), which don't check bounds of arrays, and
possible problems with setuid/setgid bits. So I have some questions like:

- what is the full list of risky functions
- what else could be a threat to security, integrity or functionality of
some application
- or where can I find full answers to my maybe stupid questions

Thanx.







