Date: Mon, 20 Aug 2001 04:29:45 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Akinori MUSHA <knu@iDaemons.org> Cc: audit@FreeBSD.ORG, "Brian F. Feldman" <green@FreeBSD.ORG>, Mike Barcroft <mike@FreeBSD.ORG>, ports@FreeBSD.ORG Subject: Re: adding -P option to pkg_delete(1) Message-ID: <20010820042945.A85555@xor.obsecurity.org> In-Reply-To: <86k804weed.wl@archon.local.idaemons.org>; from knu@iDaemons.org on Thu, Aug 16, 2001 at 06:19:22PM %2B0900 References: <86ofpl0yq8.wl@archon.local.idaemons.org> <200108122310.f7CNAUZ01898@green.bikeshed.org> <86k804weed.wl@archon.local.idaemons.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Aug 16, 2001 at 06:19:22PM +0900, Akinori MUSHA wrote: > We'll have to audit the whole pkg_install code to eliminate possible > buffer overflows. Well, there are literally dozens or hundreds of those. You can almost count the *safe* string operations in that code on one hand :-) Kris --SLDf9lqlvOQaIe6s Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7gPSpWry0BWjoQKURArMSAJ96JUWKwPRbJpwlpfmwQV0puOHlAgCeIjNP InusjbnodGF5qOOkFcL5Lt0= =qqLL -----END PGP SIGNATURE----- --SLDf9lqlvOQaIe6s-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010820042945.A85555>