[3200] in bugtraq
Re: libresolv+ bug
daemon@ATHENA.MIT.EDU (Brian Mitchell)
Sun Aug 18 17:29:25 1996
Date: Sun, 18 Aug 1996 16:03:33 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Brian Mitchell <brian@saturn.net>
X-To: Theo Van Dinter <felicity@kluge.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <Pine.LNX.3.95.960818025102.7620A-100000@eclectic.kluge.net>
On Sun, 18 Aug 1996, Theo Van Dinter wrote:
> In response to the libresolv+ hole ... I'm sure there's a better/more
> encompassing/cleaner method of fixing it, but here's my patch for ping (I
> have the Netkit-B-0.07A source for ping (linux)... It just switches the
> effective uid to nobody (default 65534) around a certain gethostbyname ...
> This fixed the problem as far as I can tell on my system...
>
>
> 62a63,64
> > int kluge;
> >
> 297a300,301
> > kluge=geteuid();
> > seteuid(65534);
> 298a303
> > seteuid(kluge);
What about using unsetenv() to remove the vile variables from the
environment at the beginning of the program.
Of course, this all needs to be in libc, kludging your way around ping,
rlogin, traceroute, and especially ssh is not a good thing.
Brian Mitchell brian@saturn.net
"I never give them hell. I just tell the truth and they think it's hell"
- H. Truman
