Date: Sat, 02 Nov 1996 16:06:25 -0800 From: Bill Trost <trost@cloud.rain.com> To: freebsd-security@FreeBSD.org Subject: Re: rwhod buffer overflow bug Message-ID: <m0vJq54-00004qC@cloud.rain.com> In-Reply-To: Your message of Fri, 01 Nov 1996 10:07:16 %2B0100. <199611010907.KAA26376@spooky.lss.cp.philips.com> References: <199611010907.KAA26376@spooky.lss.cp.philips.com>
index | next in thread | previous in thread | raw e-mail
I may have asked this question before, but: Why not make rwhod setuid() itself down once it has its sockets and /dev/kmem open? /var/rwho would have to be writable by that user, but otherwise the running rwho would have few privileges with which to do any real damage to the system.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m0vJq54-00004qC>