[1069] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] RESOLV_HOST_CONF

daemon@ATHENA.MIT.EDU (C. Hodges)
Sun Aug 25 20:27:43 1996

Date: Sun, 25 Aug 1996 14:37:19 -0500
To: linux-security@tarsier.cv.nrao.edu, linux-alert@tarsier.cv.nrao.edu
From: "C. Hodges" <chodges@computek.net>

[Mod: Some quoting trimmed.  --Jeff.]

At 12:48 AM 8/25/96 -0500, Jordy <jordy@newport.thirdwave.net> wrote:
>
>Sigh, I don't know why, but for some reason no one has brought up the
>RESOLV_HOST_CONF hack which is present in well, just about every
>resolv+ library ever.

it's been talked about a lot on Bugtraq... :>

>Real Patch isn't really available yet, from what i can see. You can modify

*ahem* for the most part, yes it is... NetKit-B-0.08 has at least ping and
others (?) fixed, but for some strange reason, he didn't bother to fix
finger tho... :\  (i also heard that ssh contains it too, haven't tried it yet)

[Mod: 'finger' isn't suid like 'ping' et al.  --Jeff.]

actually, the library itself *SHOULD* be patched, but patched programs that
call it are almost good enough... (at least, until they find more progs that
have it)

>[REW: On Picasso: My ping isn't statically linked. My ping binary and
>my libc don't have the string RESOLV_HOST_CONF. My ping still opens
>/etc/resolv.conf when I set this environment variable.
>
>The proposed patch wont help a lot. chsh tcsh; Use csh syntax, or
>write a program to pass a suitable environment yourself.
>

ftp.linux.org.co.uk:/pub/linux/Networking/base/NetKit-B-0.08.tar.gz

until a newer one comes out that patches finger, anyway...

home help back first fref pref prev next nref lref last post