Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
On Mon, 8 Jan 2001 19:14:53 +0100, Wichert Akkerman opined:
> We're aware of it and looking into this at the moment, as well as
> checking if there are other similar problems we might have missed.
Since this vulnerability is now "in the wild," so to speak, due to this
very discussion, isn't it a good idea to make an announcement to the
effect that at the very least fping should have its setuid root
removed?
--
Bob Bernstein
at
Esmond, R.I., USA
Reply to: