Date: Mon, 23 Jul 2001 08:57:26 -0700 (PDT) From: Matt Dillon <dillon@earth.backplane.com> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: <freebsd-security@FreeBSD.ORG>, <freebsd-gnats-submit@FreeBSD.ORG> Subject: Re: RE: bin/22595: telnetd tricked into using arbitrary peer ip Message-ID: <200107231557.f6NFvQb17025@earth.backplane.com> References: <000f01c11315$094851e0$420d640a@HELL> <200107230354.f6N3stj13517@earth.backplane.com> <200107231538.f6NFcZl81468@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
:
:<<On Sun, 22 Jul 2001 20:54:55 -0700 (PDT), Matt Dillon <dillon@earth.backplane.com> said:
:
:> All very nice, guys, but not realistic. Only FreeBSD uses an API.
:
:Erm, no, wrong.
:
:SVR4 has an API. This API is standardized as a part of the Austin
:Group process.
:
:-GAWollman
Fine.. then if you want to get all the third party program authors to
use a magic API, be my guest. Could it be, no... it couldn't...
all those programs couldn't just not *know* about the 'Austin Group
process' could they? That's criminal! Oops, oh well so much for
that!
Even ssh, about the closest third party program to BSD as there ever
was, doesn't use an API call for lastlog. It does for utmp, sort-of,
but not for lastlog. Bzzzt.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107231557.f6NFvQb17025>