Re: [Sheflug] Sheflug Meeting / AccessSpace NIS

[Will Newton <nospam [at] misconception.org.uk>]

On Mon, 2 Apr 2001 home [at] alexhudson.com wrote:

> But both attacks are local attacks - they only count if you have a machine
> with untrusted users. And even then, only in limited circumstances (it's
> harder than a temp file attack, in the case of DEADJOE). Not something
> that's going to keep me awake at night..

It's not that it bothers me, I never run joe, I'm a vim man. And yes, I do
recall vim having a quite similar vulnerability a few months ago, but the
joe vulnerabilities do hint at some pretty crap program design.

> . I seem to also recall you were the one giving people heat for criticising
> Redhat's ridiculous release of 7.0, the Linux distro which gave us the
> Ramen worm, the Lion worm and two weeks' uptime... I don't remember you
> calling them 'schoolboys' :)

Hem, well, the Ramen worm and Lion worm could be written to attack several
distros that run particular versions of services, but it was written to
target RedHat because it's most widely used. Anyway, I run RH 7.0.5 or
something, so it wouldn't affect me. :)

--
Will Newton QC
Satan's Solicitor


---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.