Bugtraq mailing list archives
Re: Multiple vendors FTP denial of service
From: peterw () usa net
Date: Wed, 21 Mar 2001 15:46:56 -0500
At Wed, 21 Mar 2001 00:55:03 +0200 , Stefan Laudat <stefan () WORLDBANK RO> wrote:
.... and as a quick fix for nasty shell users having bash prompts on your machine, just enter 'set -f' in the /etc/profile.
...which users can override with 'set +f'
Of course, until we will get a fixed bash or a fixed libc(?).
Oh, please. Then the user writes/gets an app that abuses the system in another way. As another reader mentioned, for shells this is a resource limit problem, and attacking /bin/sh is the *wrong* way to "fix" the local exploit concerns. -Peter
Current thread:
- Re: Multiple vendors FTP denial of service, (continued)
- Re: Multiple vendors FTP denial of service The Flying Hamster (Mar 21)
- Re: Multiple vendors FTP denial of service Mike Gleason (Mar 16)
- Re: Multiple vendors FTP denial of service Crist Clark (Mar 19)
- Re: Multiple vendors FTP denial of service JT (Mar 19)
- Re: Multiple vendors FTP denial of service D. J. Bernstein (Mar 19)
- Re: Multiple vendors FTP denial of service jedi (Mar 20)
- Re: Multiple vendors FTP denial of service Pawel Wilk (Mar 20)
- Re: Multiple vendors FTP denial of service Interstellar Overdrive (Mar 23)
- Re: Multiple vendors FTP denial of service Stefan Laudat (Mar 21)
- Re: Multiple vendors FTP denial of service Nate Eldredge (Mar 22)
- Re: Multiple vendors FTP denial of service peterw (Mar 22)
- Re: Multiple vendors FTP denial of service Markku Savela (Mar 22)
- Multiple vendors FTP denial of service Peter Timothey Hessler (Mar 21)