On Tue, 24 Apr 2001 20:13:30 +0930, "Donaldson, Matthew" <matthewat_private> said:
> (e.g. because it's non open-source). Having something like this gives them
> the security that even if someone is doing the Wrong Thing(tm), it does not
> put them at risk.

Puts them at much less risk. The risk is still non-zero. (Consider - does the patch fix race conditions that happen to involve both /tmp *and* '..' in the pathname? What *other* end conditions are there? Remember that "non executable stack" patches don't stop all buffer overflows, they just make them a LOT harder to exploit.....

--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
This archive was generated by hypermail 2b30 : Wed Apr 25 2001 - 18:08:57 PDT