[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)
From: Dave Horsfall <dave () horsfall ! org>
Date: 2021-01-27 9:31:51
Message-ID: alpine.BSF.2.21.9999.2101272010280.36435 () aneurin ! horsfall ! org
[Download RAW message or body]
> I think that's a very fair point. Also it seems the development trend in
> sudo is to actually increase complexity even more and adding all kinds
> of features that really should not be part of a suid tool, see e.g.
> https://computingforgeeks.com/better-secure-new-sudo-release/
I just happen to have a very much simplified version called "ssu"; I
worked on it and fixed a few gaping security holes... They should have
been obvious to any novice programmer (which said idiot^2 boss was not).
-- Dave
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic