Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Jon Lewis (jlewis@inorganic5.fdt.net)
Tue, 4 Aug 1998 13:36:42 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Linus Torvalds: "Re: 2.1.114 fails build on i386"
Previous message: Stefan Meixner: "ftp trouble 2.1.114 <> Cray-System"
In reply to: Alexander Kjeldaas: "Re: CIPE - Encrypted IP Encapsulation"

On Tue, 4 Aug 1998, David S. Miller wrote:

> However I still contend that this is an ass-backwards way to fix
> bugs in software.

That may be...but it definitely works and adds and extra line of defense
against unknown or unfixed buffer overflow exploits. It helped me catch
the guy using the vsyslog libc overflow, and stopped him from getting root
again.

------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or
Network Administrator | drawn and quartered...whichever
Florida Digital Turnpike | is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Linus Torvalds: "Re: 2.1.114 fails build on i386"
Previous message: Stefan Meixner: "ftp trouble 2.1.114 <> Cray-System"
In reply to: Alexander Kjeldaas: "Re: CIPE - Encrypted IP Encapsulation"