From owner-freebsd-security  Tue Aug 29 11:14:37 1995
Return-Path: security-owner
Received: (from majordom@localhost)
          by freefall.FreeBSD.org (8.6.11/8.6.6) id LAA17927
          for security-outgoing; Tue, 29 Aug 1995 11:14:37 -0700
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.34])
          by freefall.FreeBSD.org (8.6.11/8.6.6) with ESMTP id LAA17918
          for <security@freebsd.org>; Tue, 29 Aug 1995 11:14:33 -0700
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id EAA28657; Wed, 30 Aug 1995 04:11:41 +1000
Date: Wed, 30 Aug 1995 04:11:41 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199508291811.EAA28657@godzilla.zeta.org.au>
To: jmb@kryten.Atinc.COM, security@freebsd.org
Subject: Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 (fwd)
Sender: security-owner@freebsd.org
Precedence: bulk

>from a quick persual of the syslog.c that we have in -stable, i'd say 
>that FreeBSD is vunerable to this attack.  our syslog has fixed size 
>buffers and uses sprintf to write to them.  should be changed to 
>snprintf--a quick persual says that should do the trick

>shades of rtm

Anyone for execute-protected data by default if the machine can support
it?  Programs that want to execute data should have to request it and
everything else would be more secure.

Bruce