Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
Previously Bob Bernstein wrote:
> Since this vulnerability is now "in the wild," so to speak, due to this
> very discussion, isn't it a good idea to make an announcement to the
> effect that at the very least fping should have its setuid root
> removed?
You might as well remove all suid bits from all apps from your system,
a reasonably large number of programs will be vulnerrable I'm afraid.
A fix is being prepared, hopefully we'll have it later today or
tomorrow.
Wichert.
--
________________________________________________________________
/ Generally uninteresting signature - ignore at your convenience \
| wichert@cistron.nl http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Reply to: