From owner-freebsd-security Thu Jul 6 12:28:55 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id D47C837B576 for ; Thu, 6 Jul 2000 12:28:51 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id NAA27659; Thu, 6 Jul 2000 13:28:44 -0600 (MDT) Message-Id: <4.3.2.7.2.20000706132133.04a94ad0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Thu, 06 Jul 2000 13:28:33 -0600 To: Matt Heckaman From: Brett Glass Subject: Re: ftpd and setproctitle() Cc: security@FreeBSD.ORG In-Reply-To: References: <4.3.2.7.2.20000706113724.04789470@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thank you! I've checked 3.1, and it's OK too. Theo just wrote to say that he thinks the bug originated in BSD 4.4-Lite. (And, I guess, has been around since that time due to the wonderful error-encouraging nature of the C language -- Sigh.) I'm hoping that the bug was nailed prior to 2.2.8, which a number of sites with an "if it ain't broke, don't fix it" policy are still running. Anyone have a 2.2.8 CD handy? Mine's long gone. --Brett At 12:23 PM 7/6/2000, Matt Heckaman wrote: >matt[alpha]:/usr/src/libexec/ftpd> grep setproctitle ftpd.c > * Save start and extent of argv for setproctitle. > setproctitle("%s", proctitle); > setproctitle("%s", proctitle); > setproctitle("%s", proctitle); >setproctitle(const char *fmt, ...) >setproctitle(fmt, va_alist) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message