Re: Hylafax and FreeBSD Ports

> I noticed that in the FreeBSD port of hylafax a comment says:
> FORBIDDEN=      "Security hole (buffer overflow yielding setuid uucp)"

I never remember seeing anything about this on the Hylafax list.

The BSD people did a major survey, a couple of years ago, for buffer
overflows, but even where they did report them to the developers
the reports were often undiplomatic and confusing - I think such a
report would have drawn discussion.  (They tended to use a simplistic
rule of declaring that any use of string functions without an explicit
length restriction constituted a buffer overrun, without looking at the
context to see whether parameters were known to be safe at that point.
Crying wolf in some cases is not, however, a cause for complacency.)

