On Tue, 23 Apr 2002 cbbrowne@cbbrowne.com wrote:
> Suggestion: Why not embed this information into the binary, and
> provide some way of extracting it.
I like this!
> [Downside: "Announcement, script kiddies: If you find option
> UPDATE_DESCR_TABS=1 in the configuration information, then there's a
> very easy root exploit..."]
That's not a downside at all. If an exploit exists, you need only
try it, and it works or it doesn't.
In fact, it's an upside becuase it allows someone who doesn't have
exploit code more easily to determine whether or not he might be
vulnerable.
cjs
--
Curt Sampson <cjs@cynic.net> +81 90 7737 2974 http://www.netbsd.org Don't you know, in this new Dark Age, we're
alllight. --XTC