Subject: Re: [venglin@freebsd.lublin.pl: local root compromise in openbsd 3.0 and below]
To: Jeremy C. Reed <reed@reedmedia.net>
From: Steven M. Bellovin <smb@research.att.com>
List: tech-security
Date: 04/13/2002 08:50:13
In message <Pine.LNX.4.43.0204130431040.14412-100000@pilchuck.reedmedia.net>, "
Jeremy C. Reed" writes:

>
>I am curious why Steven and Todd said this is an "old" bug.
>
>Looking at OpenBSD back to beginning I don't see it. And looking at
>src/usr.bin/mail/collect.c dated Apr. 18, 1991 from 386bsd-0.0, I don't
>see the bug.
>
>When was it originally fixed? (In the 80's?)

That sounds about right...

		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com