regarding cat

gui10 · 12-06-2001, 11:59 AM

i read somewhere (can't remember what, it's one of those linux books) that the command 'cat' presents a security compromise. the paper i read used plenty of techie jargon... if it's possible to, can anyone tell me in simple english how this is so?

===
out of context of post: to my amusement, after getting to use linux, there's now a 'cat' to go with the 'mouse' in my room... lol
===

unSpawn · 12-06-2001, 12:59 PM

"Cat" doesn't need elevated privileges (read: privileges of another user) to perform its task, I never heard of a buffer overflow in cat, and I don't know what you've read.

I think you better post some excerpt from what youve read...

rshaw · 12-06-2001, 01:02 PM

could use it to pipe keystrokes (passwords) to a file. just a thought.

unSpawn · 12-06-2001, 04:23 PM

IMO that *isn't* a risk in *cat* itself: it does what it is used for, catting something.

gui10 · 12-07-2001, 07:32 AM

the reason why i can't post up what i read (sorry about this, i know i'm coming across as vague) is coz i read it in a book in a bookshop... and i can't remember which one it is!!!

so thanks for all the contributions... i'll try to be less troublesome in the future...

unSpawn · 12-07-2001, 11:42 AM

Hell no! This aint troublesome.
For troublesome try backbilling a customer for one kool 500K and not finding any signed orders :-]

gui10 · 12-07-2001, 08:09 PM

Quote:

Hell no! This aint troublesome. For troublesome try backbilling a customer for one kool 500K and not finding any signed orders :-]

ho ho...
is that a personal experience? that must suck!