Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!newsroom.utas.edu.au!munnari.OZ.AU!spool.mu.edu!howland.reston.ans.net!newsfeed.internetmci.com!swrinde!cs.utexas.edu!news.cs.utah.edu!news.cc.utah.edu!park.uvsc.edu!usenet
From: Terry Lambert <terry@lambert.org>
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: What OS for an ISP to use?
Date: 17 Nov 1995 21:05:00 GMT
Organization: Utah Valley State College, Orem, Utah
Lines: 23
Message-ID: <48itds$4ho@park.uvsc.edu>
References: <1995Nov15.130421.1503@hobbes.kzoo.edu> <48dbgq$g4s@agate.berkeley.edu>
NNTP-Posting-Host: hecate.artisoft.com
nickkral@parker.EECS.Berkeley.EDU (Nick Kralevich) wrote:
] Also, security coverage under Linux appears to be more extensive than
] under FreeBSD. For example, there was wide coverage in the Linux groups
] and the Linux security mailing lists, regarding the telnetd
] environment variable security hole (see comp.security.announce for
] more information). Even those this problem effected FreeBSD,
] there was no discussion in c.u.b.f.m regarding this. (Note: this
] might be due to the wording of the announcement. I suggest reading the
] alert message before following up to this paragraph). I didn't see
] any posts in the freebsd newsgroups regarding how to fix this hole,
] or even warning people that this hole existed.
It was discussed on the mailing lists. No one made a big deal
about it because it was already fixed in the -current working
source tree at the time the advisory was issued (read the whole
advisory, you'll see that FreeBSD -current wasn't vulnerable).
Terry Lambert
terry@cs.weber.edu
---
Any opinions in this posting are my own and not those of my present
or previous employers.