Date: Thu, 9 Dec 1999 23:07:02 +0300 (MSK) From: "Ilmar S. Habibulin" <ilmar@ints.ru> To: freebsd-audit@FreeBSD.ORG Cc: freebsd-security@FreeBSD.ORG Subject: question to auditors Message-ID: <Pine.BSF.4.21.9912092257170.317-100000@ws-ilmar.ints.ru> In-Reply-To: <84714733.944601517508.JavaMail.chenresig@karma>
index | next in thread | previous in thread | raw e-mail
I'm wondering what do you guys search in the sources. I know that there are some functions like gets(), which don't check bounds of arrays, and possible problems with setuid/setgid bits. So i have some questions like: - what is the full list of risky functions - what else could be a treat to security, integrety or functionality of some application - or where can i find full answers to my maybe stupid questions Thanx. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.9912092257170.317-100000>