[11084] in bugtraq


Re: AMaViS virus scanner for Linux - root exploit

daemon@ATHENA.MIT.EDU (Jim Hebert)
Tue Jul 20 20:52:42 1999

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.LNX.4.10.9907191620510.11302-100000@keymaster.compu-aid.com>
Date:         Mon, 19 Jul 1999 16:22:57 -0400
Reply-To: Jim Hebert <jhebert@CHEEK.COM>
From: Jim Hebert <jhebert@CHEEK.COM>
X-To:         Chris McDonough <mcdonc@IQGROUP.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <19990718081920.39762.qmail@securityfocus.com>

Regarding the patch, I see that it essentially kills whatever "bad"
characters you thought of. I suggest the 'what is not explicitly
allowed is denied' approach: eliminating all characters except a
certain list, perhaps an RFC-specified list or a sane alteration of it.

jim

On Sun, 18 Jul 1999, Chris McDonough wrote:

> Sorry, the AMaViS diff was messed up in my last message by
> my email program...
>
> please see http://sharon.iqgroup.com/scanmails.patch
>

--
The Microsoft/Mindcraft/ZDNet benchmarks:
     a) prove Linux is faster than you will ever, ever need.
     b) are a fantasy and shouldn't affect your purchase decision.
Read why and decide for yourself at http://cs.alfred.edu/~lansdoct/mstest.html
See http://www.heise.de/ct/english//99/13/186-1/ for more applicable tests.
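
The difference between the two filtering approaches discussed in the message above, as an added example that is not part of the original post or of the AMaViS patch. The function names, both character sets, the length limit and the sample strings are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration: denylist vs. allowlist filtering of an untrusted
# string (e.g. a sender address) before a script uses it.
# Character sets and names below are assumptions, not taken from the patch.

# Denylist: delete only the characters someone thought of.
sanitize_denylist() {
    printf '%s' "$1" | LC_ALL=C tr -d ';|&`'
}

# Allowlist: delete every byte that is NOT in a fixed, known-safe set.
# The trailing '-' in the set is a literal hyphen.
sanitize_allowlist() {
    printf '%s' "$1" | LC_ALL=C tr -cd 'A-Za-z0-9@._+-'
}

# Stricter variant: refuse the value instead of silently rewriting it.
# The 254-character limit is an assumed bound for this example.
is_clean() {
    [ -n "$1" ] || return 1
    [ "${#1}" -le 254 ] || return 1
    [ "$(sanitize_allowlist "$1")" = "$1" ]
}

# Constructed sample inputs (single-quoted, so nothing here is executed).
demo() {
    for s in 'jim@host.example' 'a@b.example;x' 'a@b.example$(x)'; do
        printf 'input:     %s\n' "$s"
        printf 'denylist:  %s\n' "$(sanitize_denylist "$s")"
        printf 'allowlist: %s\n' "$(sanitize_allowlist "$s")"
        if is_clean "$s"; then
            printf 'verdict:   accept\n\n'
        else
            printf 'verdict:   reject\n\n'
        fi
    done
}

demo
```

The third sample passes through the denylist unchanged because `$`, `(` and `)` were never on it, while the allowlist removes them without anyone having to anticipate them.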
