Cuserid() is a security hole
Steven M. SchultzY
sms at WLV.IMSD.CONTEL.COM
Sat Jun 3 18:57:52 AEST 1989
In article <902 at arisia.Xerox.COM> wagner at arisia.xerox.com (Juergen Wagner) writes:
>Cuserid is *NOT* a security hole. Programs relying on a property of this
>function which it doesn't have, are security holes.
>Juergen Wagner gandalf at csli.stanford.edu
> wagner at arisia.xerox.com
Enough is enough! After seeing this "problem/bug" posted umpteen
times i no longer restrain myself...
cuserid() is a System V(anilla) construct/problem NOT a
2.10.1BSD (or for that matter a 4.3BSD) concern at all.
for real 2BSD bugs contact either Keith Bostic
(bostic at okeeffe.berkeley.edu) (who will probably refer you to me)
or Steven Schultz (sms at wlv.imsd.contel.com).
Steven M. Schultz
sms at wlv.imsd.contel.com
More information about the Comp.unix.wizards
mailing list