On Fri, 27 Dec 2002 12:46:05 EST, Jeremy Epstein <jepsteinat_private> said: > main() { exit(0); } > > is completely secure and not exploitable. Beyond that, you're on your own Wrong. If you don't link it statically, it's vulnerable to a shared library replacement of the exit() function in libc. This type of error is the basis of all the LD_* exploits. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
This archive was generated by hypermail 2b30 : Fri Dec 27 2002 - 22:05:05 PST