Comment 26 for bug 22052
Revision history for this message
|
|
#26 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Could somebody explain the security implication for me?
being able to write arbitrary strings into valid records without
overwriting any other data in utmp/wtmp can hardly be classified
as a security vulnerability.
(Apart from that, I'm only slightly annoyed as I had to learn about
this via MITRE / GNOME Bugzilla instead of a mail from the maintainer
to the security team?)
Regards,
Joey
--
Everybody talks about it, but nobody does anything about it! -- Mark Twain
Please always Cc to me when replying to me on the lists.