From: Marc Bevand
To: security@freebsd.org
Date: Fri, 12 Mar 2004 20:29:52 +0100
Subject: Re: bin/64150: [PATCH] ls(1) coredumps when started via execve(2) with no argv.
Message-ID: <20040312192952.GA23211@nash.epita.fr>
In-Reply-To: <20040312161049.GA2872@ip.net.ua>
List-Id: Security issues [members-only posting]

On 12 Mar 2004, Ruslan Ermilov wrote:

| On Fri, Mar 12, 2004 at 11:07:25AM -0500, Tom Rhodes wrote:
| >
| > Will it 'break' anything?
|
| Sure it will, the question is should we care about something that's
| already broken. ;)

It will break almost all shellcodes trying to be the shorter
ones (as they pass NULL for argv and envp). So we can view it
as a small security improvement (just kidding).

-- 
Marc Bevand http://www.epita.fr/~bevand_m
Computer Science School EPITA - System, Network and Security Dept.
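
Added example, not part of the original message or of the patch in bin/64150: where the kernel permits an empty argument vector, a program sees argc == 0 and argv[0] == NULL, so any unguarded use of argv[0] crashes. The helper names and the "ls" fallback below are hypothetical; they show the userland-side check.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: returns 1 only when argc >= 1 and argv holds
 * exactly argc non-NULL strings followed by the terminating NULL. */
int argv_is_sane(int argc, char *const argv[])
{
    if (argc < 1 || argv == NULL)
        return 0;
    for (int i = 0; i < argc; i++)
        if (argv[i] == NULL)
            return 0;
    return argv[argc] == NULL;
}

/* Hypothetical helper: basename of argv[0], or `fallback` when the caller
 * supplied no usable argv[0]. Never dereferences a NULL pointer. */
const char *progname_or_default(int argc, char *const argv[],
                                const char *fallback)
{
    if (argc < 1 || argv == NULL || argv[0] == NULL || argv[0][0] == '\0')
        return fallback;
    const char *slash = strrchr(argv[0], '/');
    if (slash == NULL)
        return argv[0];
    /* A trailing slash leaves no basename to report. */
    return slash[1] != '\0' ? slash + 1 : fallback;
}

int main(int argc, char *argv[])
{
    /* Resolve a printable name first so the error path itself is safe. */
    const char *name = progname_or_default(argc, argv, "ls");

    if (!argv_is_sane(argc, argv)) {
        fprintf(stderr, "%s: started with an empty argument vector\n", name);
        return 2;
    }
    printf("%s: %d argument(s)\n", name, argc - 1);
    return 0;
}
```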