Date:      Fri, 23 Jun 2000 16:34:11 -0400
From:      Keith Stevenson <k.stevenson@louisville.edu>
To:        Mike Tancsa <mike@sentex.ca>
Cc:        Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, freebsd-security@FreeBSD.ORG
Subject:   Re: Fwd: WuFTPD: Providing *remote* root since at least 1994
Message-ID:  <20000623163411.A1412@osaka.louisville.edu>
In-Reply-To: <3.0.5.32.20000623154848.02d2d6c0@marble.sentex.ca>; from mike@sentex.ca on Fri, Jun 23, 2000 at 03:48:48PM -0400
References:  <Pine.BSF.4.21.0006222230390.65791-100000@achilles.silby.com> <4.2.2.20000622201823.0479a690@mail.sentex.net> <Pine.BSF.4.21.0006222230390.65791-100000@achilles.silby.com> <200006231713.NAA49665@khavrinen.lcs.mit.edu> <3.0.5.32.20000623154848.02d2d6c0@marble.sentex.ca>

On Fri, Jun 23, 2000 at 03:48:48PM -0400, Mike Tancsa wrote:
> What about 
> 
> --enable-paranoid 
> 
> as part of the config? As so much seems to be related to the site exec
> command, perhaps it's best to just disable this?

While I'm all for actually fixing the problems in the code, I've found
the --enable-paranoid option to be a good one.  I've been tinkering around
with the exploit and the paranoid option seems to defend against it.  I don't
think that any of my users will miss the SITE EXEC commands.

--enable-paranoid probably should be added to the port build.

Regards,
--Keith Stevenson--

-- 
Keith Stevenson
System Programmer - Data Center Services - University of Louisville
k.stevenson@louisville.edu
GPG key fingerprint =  332D 97F0 6321 F00F 8EE7  2D44 00D8 F384 75BB 89AE

