[2306] in bugtraq
Sun's Loadmodule Patch
daemon@ATHENA.MIT.EDU (Neil Woods)
Fri Oct 20 11:35:10 1995
Date: Thu, 19 Oct 1995 00:37:52 +0100
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Neil Woods <neil@legless.demon.co.uk>
X-To: bugtraq@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
Sun's loadmodule fix replaces the insecure call to system(3) with calls to
vfork(2) and execle(3) (apparently execle(3) is used in order to specify
a null environment).
This is effective measure to fix loadmodule, uname(2) is still the most
elegant fix which has been overlooked.
Cheers,
Neil
--
Let the Mystery Be, So Watcha Want, Longing In Their Hearts, Hate My Way,
M-Bike, Safari, Uncle June and Aunt Kiyoti, Daisy Dead Petals, Tuff Gnarl.
...like a badger with an afro throwing sparklers at the Pope...
