In article <19990630092358.a51...@wopr.caltech.edu>, Matthew Hunt <m...@astro.caltech.edu> wrote: > > I think the point is that when root is running tcpdump on host A, a bad > guy on host B can create a packet which makes tcpdump on A execute his > code (as root, since that's who's running it). This is not desirable.
I would say it is not _acceptable_. The code shouldn't go into our source tree until the known buffer overflow problems have been fixed. It's just stupid to add buffer overflow problems to a program that is always run as root. John -- John Polstra j...@polstra.com John D. Polstra & Co., Inc. Seattle, Washington USA "Self-interest is the aphrodisiac of belief." -- James V. DeLong To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
