--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Thu, Nov 30, 2000 at 03:52:14PM -0500, Greg A. Woods wrote:

> Yeah, but buffer overflow exploits are successful exclusively because
> the code that suffers them still has set-ID privileges.

No. They are successful as the set ID because the code has set-ID priviliges.
They are still successfull to get control over the original ID for non-setid
programs.

	-is

--YZ5djTAD1cGYuMQK
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQEVAgUBOibFMzCn4om+4LhpAQFQXQgAv/KQ4EFi1w8Df1yqp/vujEUPjx4ykbrg
7/874ScoUW7qjdCuG0arMcxsnzgiBCv7gE+2WVh/UAR/oiSlgjREHLYn5kYuW5zA
3WkSEUh08lNXBeJsPaeVEClQGoKsk0TCDfZBxTQwV0aA8Q3Z1Hi1gRTFFhUoJdR7
adAKDjjMc3bGPb+s1K0+i36dJcuXSDdamL0W9e0KH2XlymGQCSC/1dRaNzDEIMUR
mszB8ZEhT7cVy6uI0tgccGj7Yf1BTSbuANkMwwxE5+p3AtttplzE0ukBzcIrdRM5
FmQxFiSHAzxAMucpoTUZNr74DAWqJ+AA3f4FMPw84J1cNVFc8pOEjQ==
=rWBb
-----END PGP SIGNATURE-----

--YZ5djTAD1cGYuMQK--