Date: Tue, 21 Jul 1998 14:47:15 -0400 From: Garance A Drosihn <drosih@rpi.edu> To: security@FreeBSD.ORG Subject: Re: The 99,999-bug question: Why can you execute from the stack? Message-ID: <v04011709b1da8eeeae8f@[128.113.24.47]> In-Reply-To: <Pine.BSF.3.95q.980721120530.1666J-100000@mercury.jorsm.com> References: <199807202328.RAA26899@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:07 PM -0500 7/21/98, Jeremy Shaffner wrote: >On Mon, 20 Jul 1998, Brett Glass wrote: > >> At 02:57 PM 7/20/98 -0600, Paul Hart wrote: >> >> > Consider Bugtraq and the other popular security mailing lists as >> > required reading. Absolutely. None of these holes would have >> > taken you by surprise if you had diligently read these lists. >> >> Not necessarily. An exploit can be used long before it hits the >> lists. > > > Not not necessarily. Absolutely. If you were ware of it when the > rest of us were, you would have had it fixed. Period. I expect some corrolary of Murphy's Law will dictate that at least some breakins will occur while you're on vacation, or over long holidays. How we should respond to that is still debatable, I am just saying that you can still get "taken by surprise", unless you really plan on working 24 hours a day, 7 days a week, and never take any vacation. --- Garance Alistair Drosehn = gad@eclipse.its.rpi.edu Senior Systems Programmer or drosih@rpi.edu Rensselaer Polytechnic Institute To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v04011709b1da8eeeae8f>