Date:      Mon, 17 Feb 1997 13:28:52 -0700 (MST)
From:      Charles Mott <cmott@srv.net>
To:        "David O'Brien" <obrien@NUXI.com>
Cc:        Michael Smith <msmith@atrad.adelaide.edu.au>, freebsd-chat@FreeBSD.ORG
Subject:   Re: Countering stack overflow
Message-ID:  <Pine.BSF.3.91.970217132230.2620A-100000@darkstar>
In-Reply-To: <19970217122022.XX15588@dragon.nuxi.com>

On Mon, 17 Feb 1997, David O'Brien wrote:

> Charles Mott writes:
> > I see two major categories of security vulnerabilities:
> > 
> >     (1) A backdoor which trivially allows someone to become
> >         a superuser, bypassing all the normal passwords, security
> >         and authentication.
> > 
> >     (2) Data and file manipulation/corruption leading to either
> >         poor system reliability or compromise of privacy
> > 
> > Category (1) is far more serious, and seems to warrant some broad and 
> 
> (1) is NOT a vulnerability (as you've stated it).  A "backdoor" is
> something purposely installed, and is doing what it intended to do.
> Vulnerabilities are things like race conditions, buffer overflows, etc.
> 
> Please do your homework first, then write back.

This is the final post of a long back-and-forth exchange.  I'm sorry my 
terminology is not up to your standards, but I think if you read the 
entire thread, you will see that my understanding is fairly clear.  Do 
your homework before making an obnoxious statement.

The fact that FreeBSD is so easily exploited by stack overflow 
techniques, when the method has been widely known for probably a decade, 
is the real tragedy here.

I have to laugh at people like you a little bit.  I got the same garbage
thrown in my face when I started the ppp packet aliasing project. 



