security: crontab (fwd)
David Kramer
david at kramer.ne.mediaone.net
Thu Jul 13 16:14:33 EDT 2000
Is anyone using libsafe? It sounds too good to be true.
Check out http://www.bell-labs.com/org/11356/libsafe.html
--
-------------------------------------------------------------------
DDDD David Kramer http://kramer.ne.mediaone.net
DK KD
DKK D Every non-key attribute depends on the key, the whole key,
DK KD and nothing but the key, so help me Codd.
DDDD (Sybase training class)
---------- Forwarded message ----------
Neat! I hadn't heard of this before and I am very impressed. Nice little
program, thank you Bell Labs. This is going in my "Need to install on all
new systems" list.
-Ben Newman
"Before I'm done you will all taste my meaty brain chunks."
Spider Jerusalem
On Wed, 12 Jul 2000, Todd A. Jacobs wrote:
> On Wed, 12 Jul 2000, Michael Ghens wrote:
>
> > I just cannot believe this. I just tested an old vixie cron exploit
> > against crontab. It was a clasic buffer overflow attack. I have a
> > RH6.2 WITH UPDATES. It worked. This exploit is almost over a year old.
>
> Have you tried installing libsafe on your system? It should prevent all
> buffer overflow exploits, and (at least on my machine) doesn't seem to
> impact performance in any noticeable way.
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list