Bugtraq mailing list archives
Re: CERT Advisory CA-95:02.binmail.vulnerabilities
From: karl () bagpuss demon co uk (Karl Strickland)
Date: Fri, 27 Jan 1995 15:57:39 +0000 (GMT)
The CERT Coordination Center thanks Eric Allman, Wolfgang Ley, Karl Strickland, Wietse Venema, and Neil Woods for their contributions to mail.local.Last billing there Neil, though I note its in alphabetical order. It does seem a little thick headed that cert, in its wisdom, did not simply refer people to several 8lgm advisories already on the subject. As for the
To be fair to CERT, we were given early access to a number of versions of mail.local before this one was released. Neil analyzed - in detail - countless versions of mail.local and provided code to fix the remaining problems.
"mail.local" not been perfect - what are they advising? the installation of something less that perfect as far as root-bugs are concerned? "But mom, I'm only a little bit pregnant"From my examinations of mail.local, its fine unless you can write to the mailspool directory. If you can, then its raceable.
Why is it raceable? -- ------------------------------------------+----------------------------------- Mailed using ELM on FreeBSD | Karl Strickland PGP 2.3a Public Key Available. | Internet: karl () bagpuss demon co uk |
Current thread:
- Re: CERT Advisory CA-95:02.binmail.vulnerabilities Julian Assange (Jan 27)
- Re: CERT Advisory CA-95:02.binmail.vulnerabilities Dave Sill (Jan 27)
- Re: CERT Advisory CA-95:02.binmail.vulnerabilities Karl Strickland (Jan 27)
- Re: CERT Advisory CA-95:02.binmail.vulnerabilities Neil Woods (Jan 28)