Results 1 to 2 of 2

Thread: "Question about the gets() function in C" as a security threat

  1. Oct 10th, 2001, 11:02 PM #1
    jim mcnamara
    Guest

    "Question about the gets() function in C" as a security threat

    buffer overruns:

    These are a great way to get to root (superuser) in unix.
    This will let you install a rootkit and commit other atrocities. Buffer overruns are a major security hole in unix. 'nuff said as guys like our friend bin Laden and his hacker cronies could be watching....

    Paranoia is fun, if you're only slightly insane.
    Otherwise it ruins your whole day.

    If you can't tell, I think unix needs thoracic surgery, but the keepers of the keys think otherwise.
    Reply With Quote Reply With Quote
  2. Oct 14th, 2001, 11:52 AM #2
    parksie
    parksie is offline
    Monday Morning Lunatic parksie's Avatar
    Join Date
    Mar 2000
    Location
    Mashin' on the motorway
    Posts
    8,169
    Yes, but stack smashing is bloody hard unless you know the EXACT revision (as in, not just version, what the file was compiled as) and even then it's tricky.
    I refuse to tie my hands behind my back and hear somebody say "Bend Over, Boy, Because You Have It Coming To You".
    -- Linus Torvalds
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width