Date: Mon, 10 Feb 1997 10:38:07 +0900 (JST) From: Michael Hancock <michaelh@cet.co.jp> To: Alexander Snarskii <snar@lucky.net> Cc: freebsd-hackers@freebsd.org Subject: Re: Increasing overall security.... Message-ID: <Pine.SV4.3.95.970210103603.19450A-100000@parkplace.cet.co.jp> In-Reply-To: <199702091525.RAA05048@burka.carrier.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 9 Feb 1997, Alexander Snarskii wrote: > I want to contribute patch to libc to made FreeBSD unexploitable > with standard 'stack overflow' attacks. > > All i wanted, is to made my FreeBSD-based host as secure as possible. > And i havent found no such man as Theo de Raadt in FreeBSD project, > so the source tree still contains some exploitable 'stack overflow' > security holes. Most of which is based on using some 'insecure' > functions like 'strcpy', 'sprintf' and so in setuid programs. Look in the cvs logs for recent commits by imp for example rlogind, rshd, etc. Mike Hancock
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SV4.3.95.970210103603.19450A-100000>