From owner-freebsd-security Tue Jul 21 11:43:42 1998
Return-Path:
Received: (from majordom@localhost)
	by hub.freebsd.org (8.8.8/8.8.8) id LAA12923
	for freebsd-security-outgoing; Tue, 21 Jul 1998 11:43:42 -0700 (PDT)
	(envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from mail1.its.rpi.edu (root@mail1.its.rpi.edu [128.113.100.7])
	by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA12907
	for ; Tue, 21 Jul 1998 11:43:34 -0700 (PDT)
	(envelope-from drosih@rpi.edu)
Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47])
	by mail1.its.rpi.edu (8.8.8/8.8.6) with ESMTP id OAA35892
	for ; Tue, 21 Jul 1998 14:43:19 -0400
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Sender: drosih@pop1.rpi.edu
Message-Id:
In-Reply-To:
References: <199807202328.RAA26899@lariat.lariat.org>
Date: Tue, 21 Jul 1998 14:47:15 -0400
To: security@FreeBSD.ORG
From: Garance A Drosihn
Subject: Re: The 99,999-bug question: Why can you execute from the stack?
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 12:07 PM -0500 7/21/98, Jeremy Shaffner wrote:
>On Mon, 20 Jul 1998, Brett Glass wrote:
>
>> At 02:57 PM 7/20/98 -0600, Paul Hart wrote:
>>
>> > Consider Bugtraq and the other popular security mailing lists as
>> > required reading.  Absolutely.  None of these holes would have
>> > taken you by surprise if you had diligently read these lists.
>>
>> Not necessarily. An exploit can be used long before it hits the
>> lists.
>
>
> Not not necessarily.  Absolutely.  If you were aware of it when the
> rest of us were, you would have had it fixed.  Period.

I expect some corollary of Murphy's Law will dictate that at least
some break-ins will occur while you're on vacation, or over long
holidays.  How we should respond to that is still debatable; I am
just saying that you can still get "taken by surprise", unless you
really plan on working 24 hours a day, 7 days a week, and never
take any vacation.

---
Garance Alistair Drosehn           =   gad@eclipse.its.rpi.edu
Senior Systems Programmer               or  drosih@rpi.edu
Rensselaer Polytechnic Institute