From owner-freebsd-security Mon Sep 11 14:23:27 2000 Delivered-To: freebsd-security@freebsd.org Received: from sol.cc.u-szeged.hu (sol.cc.u-szeged.hu [160.114.8.24]) by hub.freebsd.org (Postfix) with ESMTP id 872F637B42C for ; Mon, 11 Sep 2000 14:23:21 -0700 (PDT) Received: from petra.hos.u-szeged.hu by sol.cc.u-szeged.hu (8.9.3+Sun/SMI-SVR4) id XAA17819; Mon, 11 Sep 2000 23:23:53 +0200 (MEST) Received: from sziszi by petra.hos.u-szeged.hu with local (Exim 3.12 #1 (Debian)) id 13Yb2s-00045o-00 for ; Mon, 11 Sep 2000 23:23:18 +0200 Date: Mon, 11 Sep 2000 23:23:18 +0200 From: Szilveszter Adam To: freebsd-security@FreeBSD.ORG Subject: Re: [paul@STARZETZ.DE: Breaking screen on BSD] Message-ID: <20000911232318.A15053@petra.hos.u-szeged.hu> Mail-Followup-To: freebsd-security@FreeBSD.ORG References: <20000911224221.A14920@petra.hos.u-szeged.hu> <20000912011105.A40182@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.0.1i In-Reply-To: <20000912011105.A40182@nagual.pp.ru>; from ache@nagual.pp.ru on Tue, Sep 12, 2000 at 01:11:06AM +0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Sep 12, 2000 at 01:11:06AM +0400, Andrey A. Chernov wrote: > Obviously this bug is too general and not related to screen only. > It seems we need to fix execve() to prevent this. Certainly it is. Screen was just an example, although the $SUBJECT line might have caused some people to overlook this as 'not important' -- Regards: Szilveszter ADAM Szeged University Szeged Hungary To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message