Date: Sun, 16 Jul 1995 11:55:12 -0700 (PDT) From: "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com> To: peter@freefall.cdrom.com (Peter Wemm) Cc: CVS-commiters@freefall.cdrom.com, cvs-lib@freefall.cdrom.com Subject: Re: cvs commit: src/lib/libc/net rcmd.c Message-ID: <199507161855.LAA09011@gndrsh.aac.dev.com> In-Reply-To: <199507161704.KAA00740@freefall.cdrom.com> from "Peter Wemm" at Jul 16, 95 10:04:08 am
next in thread | previous in thread | raw e-mail | index | archive | help
> > peter 95/07/16 10:04:04 > > Modified: lib/libc/net rcmd.c > Log: > Slight adjustment to previous fix for __ivaliduser(). It was checking for > the comment before checking for long lines, so there was a possibility > that the wrap-around might be used as an exploitable hostname. rcmd.c is security related code, please have changes reviewed by 1 or 2 others to prevent this type of mistake. Thanks for spotting and fixing this one! -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation Company Reliable computers for FreeBSD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199507161855.LAA09011>