[src/netbsd-1-5]: src/distrib/notes/common Pullup 1.92 [hubertf]:

[tv <tv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/707e80b5da15
branches:  netbsd-1-5
changeset: 490227:707e80b5da15
user:      tv <tv%NetBSD.org@localhost>
date:      Tue Nov 14 03:39:41 2000 +0000

description:
Pullup 1.92 [hubertf]:
Mention code audits - format string, and others - and what they gain.

diffstat:

 distrib/notes/common/main |  8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diffs (22 lines):

diff -r 3a68d0c3558f -r 707e80b5da15 distrib/notes/common/main
--- a/distrib/notes/common/main Tue Nov 14 03:36:57 2000 +0000
+++ b/distrib/notes/common/main Tue Nov 14 03:39:41 2000 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: main,v 1.61.2.7 2000/11/13 11:04:47 lukem Exp $
+.\"    $NetBSD: main,v 1.61.2.8 2000/11/14 03:39:41 tv Exp $
 .\"
 .\" Copyright (c) 1999, 2000 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -265,6 +265,12 @@
 .It
 Disable various services by default, and set the default options for
 disabled daemons to a higher level of logging.
+.It 
+Several code audits were performed, the last one identifying and disabling 
+places where format strings were used in an
+unsafe way, allowing arbitrary data enterred by (possibly) mallicious
+users to overwrite application code, and leading from Denial of
+Service attacks to compromised system.
 .bullet)
 .
 .Ss2 System administration and user tools