Re: Fwd: Bug script install slackware

[Raphael Bastos <tecnologia () bastosservice com br>]

2011/11/29 Patrick J. Volkerding <security () slackware com>

> Hello,
>
> While I'm sure there are a number of bugs in the crufty old installer
> scripts, I'll need to know how there's a security impact before notifying
> everyone that the sky has fallen.  I'd also like to note that if running
> the installer requires physical access to the machine I'm liable to
> consider security to already be non-existent at that time.
>
> Please clarify what is wrong with examples of how to reproduce the issue,
> and I'll look into it.
>
> Thanks.


Hello Pat,

It would be a security flaw .... Patrick I only report here on the list
because I sent an email to 30 days and getting no return. It would be
a bug that
affected the slackware developers.

But if you want to play a scenario, okay. Simply just change the variable mount
point to a directory other than / mnt and try to run the default
installation of Slackware, so you have a broken installation.

Thank you for your attention.

Att,
Raphael Bastos aka chemonz

===============================================
Bastos Service Manutenção Industrial Ltda.
www.bastosservice.com.br
Linux Reg. User: 388431  //  LPI ID: LPI000214711
email:~> $ echo "vgepqnqikcBdcuvquugtxkeg0eqo0dt" | perl -pe \
's/(.)/chr(ord($1)-2)/ge'
===============================================