tech-security: Re: [venglin@freebsd.lublin.pl: local root compromise in openbsd 3.0 and below]

Subject: Re: [venglin@freebsd.lublin.pl: local root compromise in openbsd 3.0 and below]
To: Steven M. Bellovin <smb@research.att.com>
From: Jan Schaumann <jschauma@netbsd.org>
List: tech-security
Date: 04/11/2002 15:04:06

"Steven M. Bellovin" <smb@research.att.com> wrote:

> This is a *really* old attack -- does it really still work?  My very 
> quick tests suggest that it doesn't under NetBSD, because, as mail(1) 
> says in describing -I:
> 
> 	In particular, the `~' special character when sending mail
> 	is only active in interactive mode.

Oh, yeah.  S'ppose I should have RTFM'd more carefully.

Anyway, good to know.

-Jan