search for: foke

I'll be able to test on next 4.2 after the initial 3.3 port. I have a vsnprintf/snprintf that compiles (works?) on NeXT. Not sure how portable nor if it truely solves the security issue (it's from the comp.sys.next.programmer fokes). Plus NeXT 3.3 (not sure about 4.2 yet) lacks a putenv(). I found one that compiles cleanly from the GNU libc fokes. Which brings up licensing issues. I'm not sure if we can get a wavier or if we will have to write our own. It looks simple enough to rewrite if we have to. I personally h...

I seem to have stumbled across another vulnerability in DIP. It appears to allow any user to gain control of arbitrary devices in /dev. For instance, I have successfully stolen keystrokes from a root login as follows... (I could also dump characters to the root console) $ whoami cesaro $ cat < /dev/tty1 <------ root login here bash: /dev/tty1: Permission denied

To ensure that future releases of portable OpenSSH are as bug-free as possible, we need to recruit a team of testers. Each tester would be responsible for a particular OS platform and would be called upon to test snapshots before they are marked as official releases. The release would not go out until it had been given the OK by testers on each supported platform. A corollary of this is that

..._BOGUS_SYS_QUEUE_H worked for them. However you must have BOTH HAVE_SYS_QUEUE_H and HAVE_BOGUS_SYS_QUEUE_H set. As for INADDR_LOOPBACK. I'd like to know where on BSD/OS that is defined so we can check and include it correctly. Otherwise the correct fix (which I am verifying with the SCO 3 fokes) is to change it to #define INADDR_LOOPBACK (0x7f000001L) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...e fixed. Ya, I know.=) I hate touching other people's servers and even worse having root on them. 2. AIX (some version) stall on large data output. Current CVS patch is wrong and will be pulled unless an agreement can be made. 3. Any platform lacking mmap() will not have compression (Sorry fokes, this is not an issue really..This is a fact of life.) Those platforms lacking a usable MAP_ANON should test the release. It should fall back to /dev/zero mmap() then back to sparse files. NOTE: The fall back is runtime so if one could (gawd) compile and run OpenSSH on multiple kernel release...