From owner-freebsd-security  Tue Sep 12  8:42:24 2000
Delivered-To: freebsd-security@freebsd.org
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
	by hub.freebsd.org (Postfix) with ESMTP id BEEC537B424
	for <freebsd-security@FreeBSD.ORG>; Tue, 12 Sep 2000 08:42:22 -0700 (PDT)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id LAA94930;
	Tue, 12 Sep 2000 11:42:18 -0400 (EDT)
	(envelope-from wollman)
Date: Tue, 12 Sep 2000 11:42:18 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <200009121542.LAA94930@khavrinen.lcs.mit.edu>
To: "Andrey A. Chernov" <ache@nagual.pp.ru>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: [paul@STARZETZ.DE: Breaking screen on BSD]
In-Reply-To: <20000912065314.A43158@nagual.pp.ru>
References: <20000912061357.A42654@nagual.pp.ru>
	<Pine.BSF.4.21.0009112127170.85133-100000@achilles.silby.com>
	<20000912065314.A43158@nagual.pp.ru>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

<<On Tue, 12 Sep 2000 06:53:14 +0400, "Andrey A. Chernov" <ache@nagual.pp.ru> said:

> Screen 3.9.8 is not vulnerable to this. By "new" I mean part of it related
> to execve behaviour which is generally dangerous, not whole exploit at
> once.

There is nothing wrong with the behavior of execve.  Only a program
which was already insecure can be exploited through this technique.

-GAWollman



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message