[PROXYPER] Security of perproxy

Joe Zbiciak j-zbiciak1 at ti.com
Mon Sep 7 14:16:21 EDT 1998

'Petr Novotny' said previously:

| is perproxy immune to buffer overflow kind of problems? 

I would imagine not.  Without source code, an external source code
audit is rather difficult.

| How do I know that?

You don't know that.  Therefore you should run the perproxy from an 
unprivileged userid.

| And also, can I run perproxy from some tcp wrappers? (I don't think 
| so...)

I believe that's correct, since it binds to the port directly and
runs as a daemon, rather than being spawned by inetd.



 +------ Joseph Zbiciak -----+
 | - - j-zbiciak1 at ti.com - - | "Can I ask you a really stupid question?"
 |-Texas Instruments, Dallas-|
 | - #include <disclaim.h> - | "Yes, and history will bear me out on that." 

To unsubscribe, send 'unsubscribe proxyper' to majordomo at lists.distributed.net

More information about the proxyper mailing list