Notes for March 12, 1997

  1. Hello
    1. Projects due Friday; if you want an extension until Monday, give me a note which says that you are requesting the extension and you waive any objections to turning in work during final time. It must be hardcopy and signed; if it's a group project, it must be signed by all members of the group.
  2. Common Implementation Vulnerabilities
    1. Overflow (year 2000, 2038 for UNIX, lpr overwriting flaw, sendmail large integer flaw, su buffer overflow)
    2. Race conditions (xterm flaw, ps flaw)
    3. Environment variables (vi one-upsmanship)
    4. Not resetting privileges (Purdue Games incident)

You can also see this document as a Binhex Framemaker version 5 document, Postscript document, or a plain ASCII text document.
Send email to

Department of Computer Science
University of California at Davis
Davis, CA 95616-8562

Page last modified on 3/15/97