Date: Fri, 08 Sep 2000 10:54:50 +0100 From: David Pick <D.M.Pick@qmw.ac.uk> To: "Todd C. Miller" <Todd.Miller@courtesan.com> Cc: "Vladimir Mencl, MK, susSED" <mencl@nenya.ms.mff.cuni.cz>, "Andrey A. Chernov" <ache@nagual.pp.ru>, Warner Losh <imp@village.org>, Kris Kennaway <kris@FreeBSD.ORG>, freebsd-security@FreeBSD.ORG, security-officer@FreeBSD.ORG Subject: Re: UNIX locale format string vulnerability (fwd) Message-ID: <E13XKrz-00050c-00@xi.css.qmw.ac.uk> In-Reply-To: Your message of "Thu, 07 Sep 2000 16:15:55 MDT." <200009072215.e87MFtQ24652@xerxes.courtesan.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Sudo already discards the following: > IFS > LOCALDOMAIN > RES_OPTIONS > HOSTALIASES > LD_* > _RLD* > SHLIB_PATH > LIBPATH > KRB_CONF > KRB5_CONFIG > ENV > BASH_ENV A fair list of not-obviously-related environment variables. (Puts on thinking cap and makes a correlation with packet filter rules.) It would be *much* safer to adopt a "deny all and only allow a list of variables that are known to be safe and wanted" approach rather than a "block the ones we know are unsafe and miss blocking a few we don't know about". -- David Pick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E13XKrz-00050c-00>