From owner-freebsd-questions Fri Jun 27 15:57:32 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id PAA20055 for questions-outgoing; Fri, 27 Jun 1997 15:57:32 -0700 (PDT) Received: from jason01.u.washington.edu (root@jason01.u.washington.edu [140.142.70.24]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA20050 for ; Fri, 27 Jun 1997 15:57:29 -0700 (PDT) Received: from saul4.u.washington.edu (root@saul4.u.washington.edu [140.142.83.2]) by jason01.u.washington.edu (8.8.4+UW97.04/8.8.4+UW97.05) with ESMTP id PAA21036 for ; Fri, 27 Jun 1997 15:57:28 -0700 Received: from s5-25-199.student.washington.edu (S5-25-199.student.washington.edu [128.95.25.199]) by saul4.u.washington.edu (8.8.4+UW97.04/8.8.4+UW97.04) with SMTP id PAA02381 for ; Fri, 27 Jun 1997 15:57:27 -0700 (PDT) Message-Id: <3.0.2.32.19970627225928.007ed780@jcwells.deskmail.washington.edu> X-Sender: jcwells@jcwells.deskmail.washington.edu X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.2 (32) Date: Fri, 27 Jun 1997 22:59:28 +0000 To: freebsd-questions@freebsd.org From: Jason Wells Subject: Jargon Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk While reading a freebsd document I came across this term which I have seen many times and never researched. The term is "arbitrary code" and here it is used in context. Due to its nature, the lpr program is setuid root. Unfortunately, the program does not do sufficient bounds checking on arguments which are supplied by users. As a result it is possible to overwrite the internal stack space of the program while it's executing. This can allow an intruder to execute **arbitrary code** by crafting a carefully designed argument to lpr. TNHD does not include this definition. Thanks, Jason __ __ / 0\ / 0\ Thank you * Highperformance.net ) Wannabe Sysadmin * The homeless domain )-------( Jason Wells * "Pardon me sir, spare some bandwidth?" \_____/