Re: [linux-alert] Serious Security hole in getpwnam ()

To: kai@khms.westfalen.de (Kai Henningsen)
Cc: debian-devel@lists.debian.org
Subject: Re: [linux-alert] Serious Security hole in getpwnam ()
From: Dominik Kubla <dominik.kubla@uni-mainz.de>
Date: Wed, 29 May 1996 19:52:56 +0200
Message-id: <[🔎] 199605291752.TAA02056@bambi.zdv.Uni-Mainz.DE>
In-reply-to: Your message of "29 May 1996 01:49:00 +0200." <[🔎] 69nFWJxEcsB@khms.westfalen.de>

>>>>> Kai Henningsen writes:

[...]

>> This is a *very* serious hole that affects Linux-based NIS client
>> systems.  A more formal alert will be posted once a fixed version
>> of libc has been officially released.

I did check it with the current library as found on Debian systems: No
root permissions, only a core dump.  So i think there is a problem,
but it is by far not as serious as announced.

Dominik

Reply to:

Follow-Ups:
- Re: [linux-alert] Serious Security hole in getpwnam ()
  - From: david@elo.ods.com (David Engel)

References:
- Re: [linux-alert] Serious Security hole in getpwnam ()
  - From: kai@khms.westfalen.de (Kai Henningsen)

Prev by Date: Re: Bug#3146: 1.1 installation: ae doesn't work
Next by Date: Bug#3146: 1.1 installation: ae doesn't work
Previous by thread: Re: [linux-alert] Serious Security hole in getpwnam ()
Next by thread: Re: [linux-alert] Serious Security hole in getpwnam ()
Index(es):
- Date
- Thread