From owner-freebsd-security  Sun Feb  9 23:51:28 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id XAA16457
          for security-outgoing; Sun, 9 Feb 1997 23:51:28 -0800 (PST)
Received: from char-star.rdist.org (char-star.rdist.org [206.54.252.22])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id XAA16452
          for <freebsd-security@freebsd.org>; Sun, 9 Feb 1997 23:51:26 -0800 (PST)
From: tqbf@enteract.com
Received: (qmail 22119 invoked by uid 1001); 10 Feb 1997 07:52:17 -0000
Date: 10 Feb 1997 07:52:17 -0000
Message-ID: <19970210075217.22118.qmail@char-star.rdist.org>
To: marcs@znep.com, freebsd-security@freebsd.org
Subject: Re: Don't fulminate, be productive 
In-Reply-To: <Pine.BSF.3.95.970208171054.3343F-100000@alive.ampr.ab.ca>
Reply-To: tqbf@enteract.com
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In article <Pine.BSF.3.95.970208171054.3343F-100000@alive.ampr.ab.ca>, you wrote:
>Essentially what I did is go through the entire source line by line,
>looking for anything that stood out as being suspicious.  Those things
>include:

If you used "grep()" or pattern-searching in your editor to do this, you
just missed the lpr card() hole. 

while(*c) *p++ = *c++;

-- 
----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
exit(main(kfp->kargc, argv, environ));