[4524] in bugtraq
Re: Interim solution for ps
daemon@ATHENA.MIT.EDU (Steven Kirby)
Tue May 20 16:37:16 1997
Date: Tue, 20 May 1997 00:45:17 -0400
Reply-To: Steven Kirby <kirby@COSMIC.UGA.EDU>
From: Steven Kirby <kirby@COSMIC.UGA.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199705192326.SAA00800@sun_3447> from "Joe Zbiciak" at May 19,
97 06:26:58 pm
> Here's a generic wrapper I've written that you can use as an interim
> solution for wrapping /usr/bin/ps and /usr/ucb/ps. (/usr/ucb/ps looks
> to be similarly vulnerable.) The code is fairly well documented IMHO,
> and should be adaptable enough to wrap just about any program.
I'll have to look at this more closely in the morning, but I suspect you may
have reinvented the wheel. (Though, at first glance, it looks like a *really*
nice wheel! :-))
The folks at AUSCERT released a generic wrapper program to handle buffer
overflow problems a while back. It's available from:
ftp://ftp.auscert.org.au/pub/auscert/tools/overflow_wrapper.c
It's been the answer to more than one advisory that began "Due to insufficient
bounds checking... ").
--steve
It's not what you know, but what you think of in time.
Steven Kirby University of Georgia kirby@cosmic.uga.edu
