From owner-freebsd-security Mon Dec 16 08:56:57 1996
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id IAA17142 for security-outgoing; Mon, 16 Dec 1996 08:56:57 -0800 (PST)
Received: from seabass.progroup.com (catfish.progroup.com [206.24.122.2]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id IAA17131 for ; Mon, 16 Dec 1996 08:56:52 -0800 (PST)
Received: (from craig@localhost) by seabass.progroup.com (8.7.5/8.6.12) id IAA19864 for security@FreeBSD.ORG; Mon, 16 Dec 1996 08:54:26 -0800 (PST)
Message-Id: <199612161654.IAA19864@seabass.progroup.com>
Subject: Re: crontab security hole exploit
To: security@FreeBSD.ORG
Date: Mon, 16 Dec 1996 08:54:26 -0800 (PST)
From: "Craig Shaver"
In-Reply-To: from "Joakim Rastberg" at Dec 16, 96 03:55:59 pm
X-Mailer: ELM [version 2.4 PL25 ME8b]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> > On Mon, 16 Dec 1996, Richard Wackerbarth wrote:
> >> Exploit for buffer overflow in crontab.
> >
> > Please do not post exploit details to the list. The details can be sent
> > privately to security-officer@FreeBSD.ORG.
> >
> > Observations that they exist, preferably with impact statements (eg. user
> > can gain root access) and proposed fixes are appropriate for public notice.
>
> Is that official? Or only wishful thinking (ie if no one posts them they
> will go away?). I would rather like the exploits be posted as they can be used
> to leverage the "management" to pay attention (background: I am working as
> a contractor to run some unix-boxes and although I whine about the low
> security *nothing* happens until I can show I get a #, then someone
> perhaps pulls the plug and pays for a more secure installation. My point
> being is that many companies, at least the ones I work for, IGNORE holes
> until someone has shown them the exploit)
>
> /joakim rastberg, Xinit AB, Sundsvall Sweden.

It certainly helps me understand what is really going on. I can learn from this
to code defensively. Is there someplace or some book that someone who is writing
new software can refer to for learning how to write secure code in the first
place? I certainly don't want to ask some whiny security cop for each and every
little detail.... :)

--
Craig Shaver (craig@progroup.com) (415)390-0654
Productivity Group POB 60458 Sunnyvale, CA 94088