current-users: Re: new rlogin security hole

Subject: Re: new rlogin security hole
To: None <perry@piermont.com>
From: VaX#n8 <vax@linkdead.paranoia.com>
List: current-users
Date: 08/19/1996 22:52:06

In message <199608191458.KAA11299@jekyll.piermont.com>, "Perry E. Metzger" writ
es:
>I'd say that an fgrep for strcpy, sprintf and a few others might get
>about 90% of the bugs...

Add strcat...
A quick vgrep for character buffers on the stack in SUID programs
wouldn't hurt either :) (for closer inspection.....)

(vgrep=visual grep)