[prev in list] [next in list] [prev in thread] [next in thread] 

List:       best-of-security
Subject:    BoS: Sun's Loadmodule Patch
From:       Neil Woods <neil () legless ! demon ! co ! uk>
Date:       1995-10-18 23:37:52
[Download RAW message or body]

Sun's loadmodule fix replaces the insecure call to system(3) with calls to
vfork(2) and execle(3) (apparently execle(3) is used in order to specify
a null environment).

This is effective measure to fix loadmodule, uname(2) is still the most
elegant fix which has been overlooked.

Cheers,

Neil
-- 
Let the Mystery Be, So Watcha Want, Longing In Their Hearts, Hate My Way,
M-Bike, Safari, Uncle June and Aunt Kiyoti, Daisy Dead Petals, Tuff Gnarl.

     ...like a badger with an afro throwing sparklers at the Pope...

[prev in list] [next in list] [prev in thread] [next in thread]