Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
On Tue, 9 Jan 2001 00:11:01 +0100, Wichert Akkerman opined:
> > isn't it a good idea to make an announcement to the
> > effect that at the very least fping should have its setuid root
> > removed?
>
> You might as well remove all suid bits from all apps from your system,
> a reasonably large number of programs will be vulnerrable I'm afraid.
Yes, the plot thickened, as they say.
> A fix is being prepared, hopefully we'll have it later today or
> tomorrow.
Most excellent!
--
Bob Bernstein
at
Esmond, R.I., USA
Reply to: