[2936] in bugtraq
Re: at the risk of another flamefest..
daemon@ATHENA.MIT.EDU (David Miller)
Tue Jul 16 13:53:03 1996
Date: Tue, 16 Jul 1996 08:56:20 -0400
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: David Miller <isdmill@gatekeeper.ddp.state.me.us>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <199607160433.XAA11818@source.EnGarde.com>
On Mon, 15 Jul 1996, Mike Neuman wrote:
> In any case, to add yet another level of indirection to the above argument,
> Mr. Bradley is forgetting that Unix itself is written in C. As a result, perl
> may have no bound problems, and so will the resulting compiled perl code, but
> the operating system itself could still have problems (a la syslog() ).
Good point but lousy example. Syslog is just user level code. Is
it posible buffer overflow conditions might exist in the kernel
somewhere such that one could overwrite critical data like one's UID?
--- David Miller
----------------------------------------------------------------------------
It's *amazing* what one can accomplish when
one doesn't know what one can't do!
