From owner-freebsd-security Thu Sep 10 14:30:49 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA01172 for freebsd-security-outgoing; Thu, 10 Sep 1998 14:30:49 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from dfw.nationwide.net (dfw.nationwide.net [198.175.15.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA01130 for ; Thu, 10 Sep 1998 14:30:36 -0700 (PDT) (envelope-from aleph1@dfw.net) Received: from localhost (aleph1@localhost) by dfw.nationwide.net (8.9.0/8.9.0) with SMTP id QAA13854; Thu, 10 Sep 1998 16:24:28 -0500 (CDT) Date: Thu, 10 Sep 1998 16:24:28 -0500 (CDT) From: Aleph One X-Sender: aleph1@dfw.nationwide.net To: "Jordan K. Hubbard" cc: Michael Richards <026809r@dragon.acadiau.ca>, security@FreeBSD.ORG Subject: Re: cat exploit In-Reply-To: <18171.905461424@time.cdrom.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 10 Sep 1998, Jordan K. Hubbard wrote: > Only because you didn't actually read my message, you just fired off a > knee-jerk response. Again, what I actually said was "don't blindly > cat it to your screen" which is a perfectly valid point. If you want > something which protects you, use more or less as many others have > suggested. If you don't want something which protects you then why > are we even having this discussion? Those who deliberately wish to > inflict pain on themselves can find it in a wide variety of areas. Because its non-intuitive. How many end users are going to know that simply cat'ing a file is dangerous? More or less shouldnt protect me. xterm and rxvt should. > - Jordan > Aleph One / aleph1@dfw.net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message