Re: Buffer overflow potential question?

Thu, 1 Jul 1999 14:03:24 -0700 

   *** From dhcp-server -- To unsubscribe, see the end of this message. ***


What I do is have a restart script that basically checks to see if a
particular file has been modified. This keeps the users away from the
server and permits automatic restarts.

<><Randall Grimshaw, Network Programmer, Syracuse University, 315-443-5779

On Thu, 1 Jul 1999, Paul L. Lussier wrote:

>    *** From dhcp-server -- To unsubscribe, see the end of this message. ***
> 
> 
> Hi all,
> 
> Many of our users have a need to be able to stop/start local dhcp servers in a 
> test environment.  We are using a combination of modified sysVinit scripts,
> sudo, and world writeable config files to allow the users the cabability they 
> need without compromising root access.
> 
> My question is, is there any currently know way of using the config file to 
> create a buffer overflow that will grant root access? Or are there any other
> security concerns things we should be aware of?
> 
> Any help you can provide is greatly appreciated.
> 
> Thanks,
> 
> 
> -- 
> 
> Seeya,
> Paul
> ----
> Please reply to [EMAIL PROTECTED]  The corp sendmail people insist on
> rewriting outgoing mail (including Reply-to: headers!) to send to
> '@nortelnetworks.com' which we keep telling them is quite broken, but they
> don't listen :)
> 
> Broadband Technology Division - Bay Networks (now a Nortel Company, Eh? :)
> 
>       If you're not having fun, you're not doing it right!
> 
> 
> 
> ------------------------------------------------------------------------------
> To unsubscribe from this list, visit: http://www.isc.org/dhcp-lists.html
> -*-
> If you are without web access, or if you are having trouble with the web page,
> please send mail to [EMAIL PROTECTED] with the subject line of
> 'unsubscribe'.   
> ------------------------------------------------------------------------------
> 
> 
> 


------------------------------------------------------------------------------
To unsubscribe from this list, visit: http://www.isc.org/dhcp-lists.html
-*-
If you are without web access, or if you are having trouble with the web page,
please send mail to [EMAIL PROTECTED] with the subject line of
'unsubscribe'.   
------------------------------------------------------------------------------

Reply via email to