current-users: Re: new rlogin security hole

Subject: Re: new rlogin security hole
To: VaX#n8 <vax@linkdead.paranoia.com>
From: Michael Graff <explorer@flame.org>
List: current-users
Date: 08/19/1996 14:06:14

VaX#n8 <vax@linkdead.paranoia.com> writes:

> >From the Linux group.
> LSF Update #11
> term is a 1024 byte buffer allocated on the stack
> 
> Fix: make rlogin non-SUID, until you change the code to use strncpy
> instead of strcpy.

Um, I think this is fixed in netbsd?

--Michael