On Wed, Aug 28, 2019 at 12:03:07PM -0600, Theo de Raadt wrote:
> ping and traceroute are setuid programs, so increased access-reduction
> features are worthwhile.
>
> they can both lock their filesystem visibility to "readonly" very early on.
>
> the attack model being prevented against is very o
ping and traceroute are setuid programs, so increased access-reduction
features are worthwhile.
they can both lock their filesystem visibility to "readonly" very early on.
the attack model being prevented against is very obscure. it imagines a
bug in something between start-of-program and call-t
