Subject: Re: Proposal for new utility in base: bin/nc
To: None <tech-userlevel@netbsd.org>
From: Todd Vierling <tv@wasabisystems.com>
List: tech-userlevel
Date: 10/17/2001 10:41:47
On Fri, 12 Oct 2001, Mike Pelley wrote:

: Alistair Crooks wrote:
:
: > "If netcat is compiled with -DGAPING_SECURITY_HOLE, the -e argument specifies
: > a program to exec after making or receiving a successful connection.

: > Now, personally, I don't like introducing "gaping security holes"
: > into the base system. Call me old-fashioned, but I personally don't
: > want my name in lights on any number of Bugtraq advisories.

FWIW, this 'gaping security hole' is nothing more than a one-shot,
single-service inetd (precisely what you quoted, if you reread it).  I'd
call that about as gaping as letting untrusted people have shell access in
the first place.  You could do precisely this with a three-line perl
program, too....

-- 
-- Todd Vierling <tv@wasabisystems.com>  *  Wasabi NetBSD:  Run with it.
-- CDs, Integration, Embedding, Support -- http://www.wasabisystems.com/