Subject: Re: [firstname.lastname@example.org: local root compromise in openbsd 3.0 and below]
To: Jeremy C. Reed <email@example.com>
From: Steven M. Bellovin <firstname.lastname@example.org>
Date: 04/13/2002 08:50:13
In message <Pine.LNX.email@example.com>, "
Jeremy C. Reed" writes:
>I am curious why Steven and Todd said this is an "old" bug.
>Looking at OpenBSD back to beginning I don't see it. And looking at
>src/usr.bin/mail/collect.c dated Apr. 18, 1991 from 386bsd-0.0, I don't
>see the bug.
>When was it originally fixed? (In the 80's?)
That sounds about right...
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com