[6748] in bugtraq
Re: Overflows in minicom
daemon@ATHENA.MIT.EDU (Stefan `Sec` Zehl)
Tue May 12 13:38:53 1998
Date: Tue, 12 May 1998 10:19:51 +0200
Reply-To: "Stefan `Sec` Zehl" <sec@42.ORG>
From: "Stefan `Sec` Zehl" <sec@42.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <k2vhrcywnv.fsf@zero.aec.at>; from Andi Kleen on Tue, May 12,
1998 at 05:51:00AM +0200
On Tue, May 12, 1998 at 05:51:00AM +0200, Andi Kleen wrote:
> I assumed the libc would ignore NLSPATH when the app runs suid (similar
> like it does with LD_LIBRARY_PATH etc.). If it doesn't that is a bad bug.
Not all programs in which that could be a problem are suid. Think about
that telnet/login hole.
CU,
Sec
--
Hiroshima '45 Tsjernobyl '86 Windows '95
