[16133] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

(debian) Re: suidperl; more

daemon@ATHENA.MIT.EDU (Alexander Oelzant)
Tue Aug 8 12:23:18 2000

Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id:  <20000808150333.A7577@comitan.oelzant.priv.at>
Date:         Tue, 8 Aug 2000 15:03:33 +0200
Reply-To: Alexander Oelzant <aoe@OEH.NET>
From: Alexander Oelzant <aoe@OEH.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.LNX.3.96.1000807180351.8179A-200000@ati02.cs.uni-potsdam.de>; from Sebastian on Mon, Aug 07,
              2000 at 06:07:57PM +0200

On Mon, Aug 07, 2000 at 06:07:57PM +0200, Sebastian wrote:
> So far, there are more security-releated apps which use /bin/mail
> for logging

Debian again proves to be highly security-aware: it does not even
have a /bin/mail and is thus safe from this very attack. Of course,
using /usr/bin/mail works fine, so any applications where /bin/mail
was not hardcoded would be affected.

hth
   Alexander

--
Alexander Oelzant 		alexander@oelzant.priv.at


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16133] in bugtraq

(debian) Re: suidperl; more

daemon@ATHENA.MIT.EDU (Alexander Oelzant)Tue Aug 8 12:23:18 2000

daemon@ATHENA.MIT.EDU (Alexander Oelzant)
Tue Aug 8 12:23:18 2000