> On Wed, 07 Dec 2016 13:25:48 +0100, "Peter N. M. Hansteen" wrote: > > > Yes. See http://www.tedunangst.com/flak/post/who-even-calls-link-ntoa > > Right, link_ntoa(3) is not called with untrusted input so this is > a very minor issue. Also, route and netstat are not setuid or > setgid on OpenBSD.
I feel so much safer. CERT is still performing a role they don't understand.