Date:      03 Feb 1997 13:11:36 -0500
From:      mycroft@gnu.ai.mit.edu (Charles M. Hannum)
To:        tqbf@enteract.com
Cc:        bugtraq@netspace.org, freebsd-security@freebsd.org
Subject:   Re: Critical Security Problem in 4.4BSD crt0
Message-ID:  <c1kd8uh3gkm.fsf@melange.gnu.ai.mit.edu>
In-Reply-To: "Thomas H. Ptacek"'s message of Sun, 2 Feb 1997 23:54:54 -0600 (CST)
References:  <199702030554.XAA07517@enteract.com>


"Thomas H. Ptacek" <tqbf@enteract.com> writes:

> 
> The issue is that FreeBSD 2.1.5's crt0.c start() routine, which calls the
> "main()" entry point function in the program that is starting, will under
> some circumstances call routines that set the "locale" of the program. The
> routines that do this are heavily dependent on environment variables,
> which are in some circumstances copied directly into local character
> buffers on the stack of the locale routines.

I'd like to point out that, despite the subject line, this hole has
nothing to do with 4.4BSD; it is specific to FreeBSD, and does *not*
affect other 4.4BSD-derived systems.



