[src/trunk]: src/distrib/notes/common Mention code audits - format string, an...

[hubertf <hubertf%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/c4e43681b222
branches:  trunk
changeset: 499174:c4e43681b222
user:      hubertf <hubertf%NetBSD.org@localhost>
date:      Mon Nov 13 23:01:36 2000 +0000

description:
Mention code audits - format string, and others - and what they gain.

diffstat:

 distrib/notes/common/main |  8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diffs (22 lines):

diff -r 5568c174dcc0 -r c4e43681b222 distrib/notes/common/main
--- a/distrib/notes/common/main Mon Nov 13 22:45:05 2000 +0000
+++ b/distrib/notes/common/main Mon Nov 13 23:01:36 2000 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: main,v 1.91 2000/11/13 01:22:39 hubertf Exp $
+.\"    $NetBSD: main,v 1.92 2000/11/13 23:01:36 hubertf Exp $
 .\"
 .\" Copyright (c) 1999, 2000 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -265,6 +265,12 @@
 .It
 Disable various services by default, and set the default options for
 disabled daemons to a higher level of logging.
+.It 
+Several code audits were performed, the last one identifying and disabling 
+places where format strings were used in an
+unsafe way, allowing arbitrary data enterred by (possibly) mallicious
+users to overwrite application code, and leading from Denial of
+Service attacks to compromised system.
 .bullet)
 .
 .Ss2 System administration and user tools