Re: [linux-alert] Serious Security hole in getpwnam ()
> >> This is a *very* serious hole that affects Linux-based NIS client
> >> systems. A more formal alert will be posted once a fixed version
> >> of libc has been officially released.
>
> I did check it with the current library as found on Debian systems: No
> root permissions, only a core dump. So i think there is a problem,
> but it is by far not as serious as announced.
I don't know what version you have, but I was able to break into my
own system using the current version. This fix is being built right
now.
David
--
David Engel Optical Data Systems, Inc.
david@ods.com 1101 E. Arapaho Road
(214) 234-6400 Richardson, TX 75081
Reply to: