Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: Giles Lean <giles@nemeton.com.au>
From: Perry E. Metzger <perry@piermont.com>
List: current-users
Date: 12/29/1996 17:32:36
Giles Lean writes:
> Find adds -print automatically; exploiting it worked just fine.
> 
> OpenBSD has added -print0 to find(1) and -0 to xargs(1), based on the
> NetBSD versions of find and xargs.  These sources compile cleanly on
> NetBSD (at least on 1.1 -- I haven't upgraded to 1.2 yet).
> 
> Anyone want a re-written /etc/security that uses these?

It won't do a damn bit of good, as it has nothing to do with the
security problem.

Perry