Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]

[alan () LXORGUK UKUU ORG UK (Alan Cox)]

> On Mon, 27 Sep 1999 11:35:44 EDT, Dan Astoorian <djast () CS TORONTO EDU>  said:
> > A trivial demo program that demonstrates the problem is attached.  (It
> > needs no special privileges; run it as an unprivileged user in any
> > writable directory.)  The program reports "okay" under Solaris 2.5.1 and
> > IRIX 6.5.2, "vulnerable" under RedHat 6.
>
> AIX 4.3.2 with all the recent Fixdist patches also says "okay".

Linux will also do so very soon. There are no standards issues here just
common sense. So Solar's patches for that and mknod are "no brainer" fixes