NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: bin/38327: uu{en,de}code - any reason to use non-portable [sg]etprogname?

> Since in general it's only used for printing error messages, it
> doesn't allow an attacker to do anything they can't do more easily
> with /bin/echo.

> If it's used for much of anything else, with the possible exception of
> a few programs that treat magic values of argv[0] as command-line
> options, it's probably a bug anyhow.

I agree.

Until new USE_FEATURE implementation appeares, wip/netbsd-uuencode
is patched. Not a big problem.

Best regards, Aleksey Cheusov.

Home | Main Index | Thread Index | Old Index