Date: Wed, 27 Jan 2021 20:31:51 +1100 (EST) From: Dave Horsfall <dave@...sfall.org> To: OSS Security <oss-security@...ts.openwall.com> Subject: Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156) > I think that's a very fair point. Also it seems the development trend in > sudo is to actually increase complexity even more and adding all kinds > of features that really should not be part of a suid tool, see e.g. > https://computingforgeeks.com/better-secure-new-sudo-release/ I just happen to have a very much simplified version called "ssu"; I worked on it and fixed a few gaping security holes... They should have been obvious to any novice programmer (which said idiot^2 boss was not). -- Dave
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.