Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability

[Bob Bernstein <bob@ruptured-duck.com>]

On Mon, 8 Jan 2001 19:14:53 +0100, Wichert Akkerman opined:

>  We're aware of it and looking into this at the moment, as well as
>  checking if there are other similar problems we might have missed.

Since this vulnerability is now "in the wild," so to speak, due to this
very discussion, isn't it a good idea to make an announcement to the
effect that at the very least fping should have its setuid root
removed?

-- 
Bob Bernstein
at	     
Esmond, R.I., USA