From sutton@alsutton.com  Fri Aug 16 12:24:05 1996
Received: from alsutton.alsutton.demon.co.uk (root@alsutton.demon.co.uk [194.222.50.252]) by suburbia.net (8.7.4/Proff-950810) with SMTP id MAA06228; Fri, 16 Aug 1996 12:23:44 +1000
Received: from lois ([192.168.2.2]) by alsutton.alsutton.demon.co.uk (8.6.12/8.6.9) with SMTP id HAA10410; Thu, 15 Aug 1996 07:32:20 +0100
Message-ID: <3212C3BB.63E2@alsutton.com>
Date: Thu, 15 Aug 1996 07:29:15 +0100
From: Al Sutton <sutton@alsutton.demon.co.uk>
Organization: AlSutton.com 
X-Mailer: Mozilla 2.01Gold (Win95; I)
MIME-Version: 1.0
To: Julian Assange <proff@suburbia.net>
CC: best-of-security@suburbia.net
Subject: Re: BoS: Wide spread resolv+ bugs
References: <199608142328.JAA21236@suburbia.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Could this not be hole not be plugged by a wrapper similar to the one used to
plug the telnetd hole?

Al.

Julian Assange wrote:
> 
> Alan Cox intimated on bugtraq that he has found some bugs in resolv+.
> The bugs have been about for years and concern the passing of
> enviromental variables to resolv+ code (which is normally called by
> ping, rlogin, rsh, ssh etc). Since it looks like the cat is about to
> leap from the bag, I think I had better explain. Resolv+ is a library,
> often incorporated with libc, but sometimes stand alone (e.g -lresolv).
> It contains gethostbyname()/gethostbyaddr() as well as other dns
> functions.  As an example of wonders of resolv+:
> 
> $ export RESOLV_HOST_CONF=/etc/shadow
> $ rlogin thepopeneverlikedbadgersanywaymate
> 
> Linux is prone to this. Solaris/Sunos does not appear to be. FreeBSD is
> not. But thats ok, they make up for it with NLS/Locale, which is a far, far
> bigger problem.
> 
> --
> "Of all tyrannies a tyranny sincerely  exercised for the good of its victims
>  may be the most  oppressive.  It may be better to live under  robber barons
>  than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may
>  sometimes sleep,  his cupidity may at some point be satiated; but those who
>  torment us for own good  will torment us  without end,  for they do so with
>  the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_
> +---------------------+--------------------+----------------------------------+
> |Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
> |proff@suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
> |proff@gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
> +---------------------+--------------------+----------------------------------+