Well, after a bit of testing, I'm going to use this patch instead: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0117.html
which seems to work very well. The "right fix" will be in 5.53, I suppose, but for now this is more than enough to close the hole. [ Additionally, for 5.50, there are some strcpy in unix/unix.c which have to be changed to strncpy, as you pointed out ]. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
