[1340] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Sendfile. beta test

daemon@ATHENA.MIT.EDU (Andreas Ott)
Sat Dec 7 19:00:01 1996

From: Andreas Ott <andreas@faveve.uni-stuttgart.de>
To: linux-security@redhat.com
Date: Fri, 6 Dec 1996 20:13:58 +0100 (MET)
Cc: chris@faveve.uni-stuttgart.de (Christian Recktenwald),
        framstag@rus.uni-stuttgart.de
In-Reply-To: <9612061537.AA05794@loulou.ensea.fr> from "leroy@ensea.fr" at Dec 6, 96 03:37:01 pm
Reply-To: andreas@faveve.uni-stuttgart.de
Resent-From: linux-security@redhat.com

Hi,
> I have found a package called sendfile that let you send files
> over network.
> It installs a prog called sendfile to send and a daemon called sendfiled,
> called on demand by inetd.
> I'd like to know if this package is security safe
> C.Leroy
look at the documentation pages on the original web server at:

	http://www.belwue.de/belwue/software/saft/

English versions are available. Some security issues are discussed there.
Please note, that the author is a native UNIX/LINUX hacker and is aware of
the security problem. He has implemented at least *some* security. Up to
now no security incidents have been reported, as far as I know.

> Source can be found at URL:
> ftp://ftp2.ibp.fr/pub/linux/sunsite/Incoming/sendfile-1.5.tar.gz

The original source server site is

ftp://ftp.uni-stuttgart.de/pub/unix/comm/sendfile/sendfile.tar.gz

this URL will point to the latest version (currently sendfile-1.5.tar.gz ;
release 961201). 

Best regards,  andreas
-- 
Andreas Ott                  andreas@faveve.uni-stuttgart.de     
Students' Government Office (FaVeVe) University of Stuttgart
snail mail: Pfaffenwaldring 57,  D-70550 Stuttgart,  GERMANY
phone: +49 711 6852004,+49 711 6852003  Fax: +49 711 6852043


home help back first fref pref prev next nref lref last post