From owner-freebsd-chat@FreeBSD.ORG Sun Oct 24 23:33:04 2004 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A88016A4CE for ; Sun, 24 Oct 2004 23:33:04 +0000 (GMT) Received: from pop-a065d01.pas.sa.earthlink.net (pop-a065d01.pas.sa.earthlink.net [207.217.121.248]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2E0DF43D53 for ; Sun, 24 Oct 2004 23:33:04 +0000 (GMT) (envelope-from phummers@iname.com) Received: from sdn-ap-001dcwashp0279.dialsprint.net ([63.188.1.25] helo=cakes.towanda.bsd) by pop-a065d01.pas.sa.earthlink.net with esmtp (Exim 3.33 #1) id 1CLrrD-0003R0-00 for freebsd-chat@freebsd.org; Sun, 24 Oct 2004 16:33:03 -0700 Date: Sun, 24 Oct 2004 19:32:57 -0400 (EDT) From: Peter Hummers X-X-Sender: phummers@cakes.towanda.bsd To: freebsd-chat@freebsd.org In-Reply-To: <200410242157.i9OLvRtV011244@2ens11.uta.edu> Message-ID: <20041024191235.L1580-100000@cakes.towanda.bsd> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: RedHat: Buffer Overflow in "ls" and "mkdir" X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Oct 2004 23:33:04 -0000 On Sun, 24 Oct 2004, RedHat Security Team wrote: > Redhat found a vulnerability in fileutils (ls and mkdir), that could > allow a remote attacker to execute arbitrary code with root > privileges. Some of the affected linux distributions include RedHat > 7.2, RedHat 7.3, RedHat 8.0, RedHat 9.0, Fedora CORE 1, Fedora CORE 2 > and not only. It is known that *BSD and Solaris platforms are NOT > affected. Wow! What is probably the most-used Un*x CLI command? I have in the past tried here and there a spot of Linux, from Debian to RedHat, one extreme to the other, chasing the spectre of `popular' software and assimilation. Then I learn my lesson again, and get on this FreeBSD notebook, I feel I'm home again, with the one true OS, rational and ... intuitive! How much cruft there is in so many Linuces! How tiring it is to try to circumvent the automatic Gnome or KDE installs and deal with the results, and to try to keep in mind the differences between Linux distros! But a shadow still falls on my computing experience when I try to tell civilians how I avoid Microsoft without a Macintosh. "Uh, well, it's _like_ Linux, but ... well, it's Unix." "Eunuchs!!? O-kay, well, see ya later..." -Peter Hummers == "You're not supposed to be so blind with patriotism that you can't face reality. Wrong is wrong no matter who does it or who says it." -Malcolm X