On 05. Mar 1999, at 14:22:45 wrote Hans-Bernhard Broeker: [gnuplot stuff deleted] > > I strongly second this recommendment. I'll mail S.u.S.E. about it, if > no-one else does (but then, they're bound to have someone reading bugtraq, > right?). Not necessarily. SuSE has still not fixed the lsof buffer overflow either, even though lsof is setgid kmem and /dev/kmem is group writable (!) I mailed them earlier this week and got as response that they have a new lsof which unfortunately would require kernel 2.2. As quick fix they suggested removing the group write permissions from /dev/kmem.... As far as I could check this applies to SuSE 5.3 and 6.0. -- Mario Lorenz Internet: <mlat_private> Ham Radio: DL5MLO@OK0PKL.#BOH.CZE.EU
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:09 PDT