[14701] in bugtraq
Re: Solaris 7 x86 lpset exploit.
daemon@ATHENA.MIT.EDU (Len Rose)
Thu Apr 27 12:11:17 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000426210149.G1102@netsys.com>
Date: Wed, 26 Apr 2000 21:01:49 -0400
Reply-To: Len Rose <len@NETSYS.COM>
From: Len Rose <len@NETSYS.COM>
X-To: Andrew Brown <atatat@atatdot.net>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000426155119.A8085@noc.untraceable.net>; from Andrew Brown on
Wed, Apr 26, 2000 at 03:51:19PM -0400
But it still breaks JRE/JDK (unless that was fixed when I wasn't paying
attention)
On Wed, Apr 26, 2000 at 03:51:19PM -0400, Andrew Brown wrote:
> just for people who don't know...or have forgotten...putting this:
>
> set noexec_user_stack = 1
> set noexec_user_stack_log = 1
>
> in your /etc/system file protects you against this. it doesn't fix
> the bug, but it stops the effects from being quite so "bad".
