Date: Fri, 19 Oct 2001 07:27:36 -0600 From: "Tomek" <tomek@mpionline.com> To: <freebsd-security@FreeBSD.ORG> Subject: Whats to stop one user from being root? Message-ID: <001101c158a1$d12ab320$f6f073d1@mpionline.com>
next in thread | raw e-mail | index | archive | help
Hey there, I have 2 questions really, maybe they are obvious, maybe not. 1. What is to stop a user program from calling half way in the middle of "chmod" for example and bypassing any security checking code? I know this would be highly depending on kernal version, but is there protection against this? 2. In reference to the telnet buffer overflow security problem, how is it that something as simple as fetching data for login name and data for password was not protected? If anyone has any links to detailed information about WHY the buffer overrun works (in great detail), please let me know. Its currently beyond me why the incoming data wasn't limited in size before any processing at all. Thanks, Tomek To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001101c158a1$d12ab320$f6f073d1>