Date: Fri, 07 Jul 2000 17:18:17 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: Paul Hart <hart@iserver.com>, Brett Glass <brett@lariat.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ftpd and setproctitle() Message-ID: <4.3.2.20000707171558.00ad9340@207.227.119.2> In-Reply-To: <Pine.BSF.4.21.0007061243450.28924-100000@anchovy.orem.iser ver.com> References: <4.3.2.7.2.20000706113724.04789470@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:53 PM 7/6/00 -0600, Paul Hart wrote: >The FreeBSD usage of setproctitle() in ftpd seems to have been fixed quite >some time ago (in 1995), between versions 1.13 and 1.14 of ftpd.c: > > >http://www.FreeBSD.org/cgi/cvsweb.cgi/src/libexec/ftpd/ftpd.c.diff?r1=1.13&r2=1.14 > >I'd say FreeBSD has been safe since 1995. :-) From CERT advisory CA-2000-13 [With respect to setproctitle()] it turns out that FreeBSD fixed this bug in the system ftpd back in 1996, so it is not present in all versions of FreeBSD since 2.2.0. Someone mention this as some PR on Bugtraq and here this certainly is conformation. <g> Jeff Mountin - jeff@mountin.net Systems/Network Administrator FreeBSD - the power to serve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.20000707171558.00ad9340>