BSD tty security, part 4: What You Can Look Forward To
Dan Bernstein
brnstnd at kramden.acf.nyu.edu
Thu May 2 03:10:56 AEST 1991
In article <1991May1.010657.281 at lokkur.dexter.mi.us> scs at lokkur.dexter.mi.us (Steve Simmons) writes:
> Some CERT person may correct me, but I believe that CERT only
> makes public announcements when a fix or workaround is already
> available.
May I remind you that a fix *is* available? It's not a plug 'n' play
patch, but it does the job, and I'm perfectly willing to help people
implement it if something isn't clear in the original description. I
went to quite a bit of effort to put part 3 together, so it's rather
depressing to see someone say that the fixes don't exist.
I expect that CERT will announce when binary patches are available to
fix these holes on some machine. Sites that want to speed this process
should complain to their vendors. Sites that have modified their systems
can still apply the fixes I've explained.
---Dan
More information about the Comp.unix.wizards
mailing list