current-users: Re: new rlogin security hole

Subject: Re: new rlogin security hole
To: VaX#n8 <vax@linkdead.paranoia.com>
From: Perry E. Metzger <perry@piermont.com>
List: current-users
Date: 08/19/1996 10:58:42

VaX#n8 writes:
> Anyone want to volunteer to help do security checks on all the
> SUID programs?  I'd at least like to document why each one has to be
> SUID (in the manpage), so you can decide if you need it SUID or not.

I'd say that an fgrep for strcpy, sprintf and a few others might get
about 90% of the bugs...

Perry