[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: StackGuard

David Welton <davidw@gate.cks.com> writes:

> You also have to look at what programs root runs on tainted data.
> Remember the big fiasco with 'update' or whatever it was a while ago?
> Didn't it turn out to be 'find' or something?  Don't recall the
> specifics, but it certainly wasn't an suid program.

Is somewhere a list of programs considered safe to be called from
privileged scripts etc.?

Kalle Olavi Niemitalo <tosi@stekt.oulu.fi>, http://stekt.oulu.fi/~tosi/

Reply to: