[595] in linux-security and linux-alert archive
Re: Shadow /bin/login security hole
daemon@ATHENA.MIT.EDU (aeb@cwi.nl)
Fri Feb 2 17:35:22 1996
From: aeb@cwi.nl
Date: Tue, 30 Jan 1996 02:52:52 +0100
To: jfh@austin.ibm.com, linux-security@tarsier.cv.nrao.edu
> I'd honestly like to know if anyone has heard a report of this occuring,
> in part because isgraph() call in the conditional part of the for() loop.
Well, what characters are considered to be graphic depends
on the locale. Either setlocale() is called, but then people
can use a locale where all characters are graphic, or setlocale()
is not called, and then people cannot even enter their own name.
