[BusyBox] Are telnetd and login save?
Wolfgang Denk
wd at denx.de
Thu Jul 17 13:12:02 UTC 2003
In message <3F169B04.1080804 at imc-berlin.de> you wrote:
>
> >>Or if we have to be prepared that someday someone comes up with an
> >>buffer overflow exploit (or whatever) that allows hin to break in to a
> >>busybox system (and get root access)?
> >
> > With telnet this is definitely the case.
>
> Why? I thought if you're carefully checking lenght and size of
> incomming packets before processing them you're safe? Am I wrong?
You will have to be afraid of breakins because someone might record
the passwords you're transferring, and use the regular root login
then.
Best regards,
Wolfgang Denk
--
Software Engineering: Embedded and Realtime Systems, Embedded Linux
Phone: (+49)-8142-4596-87 Fax: (+49)-8142-4596-88 Email: wd at denx.de
There's an old proverb that says just about whatever you want it to.
More information about the busybox
mailing list