Date: Thu, 09 Dec 1999 16:51:53 -0500 (EST) From: Mike Heffner <spock@techfour.net> To: "Ilmar S. Habibulin" <ilmar@ints.ru> Cc: freebsd-security@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: RE: question to auditors Message-ID: <XFMail.991209165153.spock@techfour.net> In-Reply-To: <Pine.BSF.4.21.9912092257170.317-100000@ws-ilmar.ints.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 09-Dec-99 Ilmar S. Habibulin said: | | I'm wondering what do you guys search in the sources. I know that there | are some functions like gets(), which don't check bounds of arrays, and | possible problems with setuid/setgid bits. So i have some questions like: | | - what is the full list of risky functions | - what else could be a treat to security, integrety or functionality of | some application | - or where can i find full answers to my maybe stupid questions | There's a short list of some trouble spots at: http://www.freebsd.org/security/ as well as other links to security related sites. --------------------------------- Mike Heffner <spock@techfour.net> Fredericksburg, VA ICQ# 882073 Date: 09-Dec-99 Time: 16:50:04 --------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.991209165153.spock>