Date: Tue, 4 Feb 1997 21:16:17 +1100 (EST)
From: proff@suburbia.net
To: mycroft@GNU.AI.MIT.EDU
Cc: security@freebsd.org
Subject: Re: Critical Security Problem in 4.4BSD crt0
Message-ID: <19970204101617.15151.qmail@suburbia.net>
In-Reply-To: <c1kd8uh3gkm.fsf@melange.gnu.ai.mit.edu> from "Charles M. Hannum" at "Feb 3, 97 01:11:36 pm"

> "Thomas H. Ptacek" <tqbf@enteract.com> writes:
>
> >
> > The issue is that FreeBSD 2.1.5's crt0.c start() routine, which calls the
> > "main()" entry point function in the program that is starting, will under
> > some circumstances call routines that set the "locale" of the program. The
> > routines that do this are heavily dependant on environment variables,
> > which are in some circumstances copied directly into local character
> > buffers on the stack of the locale routines.
>
> I'd like to point out that, despite the subject line, this hole has
> nothing to do with 4.4BSD; it is specific to FreeBSD, and does *not*
> affect other 4.4BSD-derived systems.
>

Yes, it does. But not by crt0.
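
Added example, not part of the original message and not FreeBSD's code: the bug class the quoted report describes (an environment value copied into a fixed stack buffer) next to a bounded form that rejects oversized input instead of truncating it. The variable name DEMO_LOCALE_DIR, the buffer size and both function names are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LOCALE_PATH_MAX 64   /* constructed buffer size for the demo */

/* Pattern described in the quoted report, shown only as a comment:
 *     char path[LOCALE_PATH_MAX];
 *     strcpy(path, getenv("DEMO_LOCALE_DIR"));   -- length never checked
 * The value is controlled by whoever starts the program, so the copy
 * can run past the end of the stack buffer. */

/* Bounded form: build "<dir>/<name>" into a caller-sized buffer.
 * Returns 0 on success, -1 if an input is missing or empty, or if the
 * result (including the terminating NUL) would not fit. */
int build_locale_path(char *out, size_t outlen,
                      const char *dir, const char *name)
{
    int n;

    if (out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';
    if (dir == NULL || name == NULL || *dir == '\0' || *name == '\0')
        return -1;
    n = snprintf(out, outlen, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= outlen) {
        out[0] = '\0';   /* never hand back a truncated path */
        return -1;
    }
    return 0;
}

/* Environment-driven wrapper; DEMO_LOCALE_DIR is a hypothetical name. */
int locale_path_from_env(char *out, size_t outlen, const char *name)
{
    return build_locale_path(out, outlen, getenv("DEMO_LOCALE_DIR"), name);
}

int main(void)
{
    char path[LOCALE_PATH_MAX];

    if (locale_path_from_env(path, sizeof path, "LC_CTYPE") == 0)
        printf("%s\n", path);
    else
        fprintf(stderr, "locale directory unset or too long; using default\n");
    return 0;
}
```

Treating an overlong value as an error rather than truncating it keeps the program from opening a path the caller never meant to name.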