Date: Sun, 09 Feb 1997 17:06:56 -0700 From: Warner Losh <imp@village.org> To: Marc Slemko <marcs@znep.com> Cc: freebsd-security@freebsd.org Subject: Re: buffer overruns Message-ID: <E0vtjGr-0004Gc-00@rover.village.org> In-Reply-To: Your message of "Sun, 09 Feb 1997 14:26:31 MST." <Pine.BSF.3.95.970209140207.11077I-100000@alive.ampr.ab.ca> References: <Pine.BSF.3.95.970209140207.11077I-100000@alive.ampr.ab.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.3.95.970209140207.11077I-100000@alive.ampr.ab.ca> Marc Slemko writes: : While that is currently one of the most popular methods of exploiting : overflows, it is important to remember that is _not_ the only method; Yes /tmp races are also fun. There are a bunch of orthers too: not dripping privs, revoking privs incorrectly, etc. So are using features indented for another purpose to hide, conceal or conquer. :-) Most of the sendmail and lpr/lpd bugs fall into this last category. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vtjGr-0004Gc-00>