tech-security: re: Fix for PR security/8069: man(1) vulnerability

Subject: re: Fix for PR security/8069: man(1) vulnerability
To: Jason Thorpe <thorpej@nas.nasa.gov>
From: matthew green <mrg@eterna.com.au>
List: tech-security
Date: 07/26/1999 09:37:24

   
    > here is my suggestion for a fix for PR security/8069:
   
   Looks great!


ick, i don't think so.


i'd rather call groff -S to disable these commands for *everyone*,
not just root.  perhaps you could attempt to become nobody for root
but it shouldn't be an error condition if this fails..