Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

security: crontab (fwd)



Is anyone using libsafe?  It sounds too good to be true.

Check out http://www.bell-labs.com/org/11356/libsafe.html
-- 

-------------------------------------------------------------------
DDDD   David Kramer                   http://kramer.ne.mediaone.net
DK KD  
DKK D  Every non-key attribute depends on the key, the whole key,
DK KD  and nothing but the key, so help me Codd.
DDDD                                      (Sybase training class)

---------- Forwarded message ----------
Neat!  I hadn't heard of this before and I am very impressed.  Nice little
program, thank you Bell Labs.  This is going in my "Need to install on all
new systems" list.

-Ben Newman

"Before I'm done you will all taste my meaty brain chunks."
						Spider Jerusalem

On Wed, 12 Jul 2000, Todd A. Jacobs wrote:

> On Wed, 12 Jul 2000, Michael Ghens wrote:
> 
> > I just cannot believe this. I just tested an old vixie cron exploit
> > against crontab. It was a clasic buffer overflow attack. I have a
> > RH6.2 WITH UPDATES. It worked. This exploit is almost over a year old.
> 
> Have you tried installing libsafe on your system? It should prevent all
> buffer overflow exploits, and (at least on my machine) doesn't seem to
> impact performance in any noticeable way.

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org