current-users: Re: *READ THIS* snapshot fixes security hole *READ THIS*

Subject: Re: *READ THIS* snapshot fixes security hole *READ THIS*
To: David Carrel <carrel@cisco.com>
From: Ted Lemon <mellon@fugue.com>
List: current-users
Date: 08/29/1995 20:32:41

> If you have patches for a bug or can point out a "real" vulnerability
> that's new, then send them in.  But I keep hearing too many people saying
> they're going to be cool, cuz they're about to do something.  Posers!

I don't entirely disagree with this, but I would like to point out
that installing the patch in all effected binaries will ensure that
no unaudited server running as root will let a cracker in through this
particular syslog bug.   Going through each program trying to figure
out whether it's vulnerable to this avenue of attack would be a
complete waste of time.

I won't call you a poser, though - I'm sure you meant well...   :')

			       _MelloN_