From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <46c56be2fca23401566d24a82fe5ce91@caldo.demon.co.uk>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] Plan9 buffer overflow exploit explained in Phrack Volume 0x0b, Issue 0x3e, Phile #0x09 of 0x0f
From: Charles Forsyth <forsyth@caldo.demon.co.uk>
In-Reply-To: <20030920071935.GA10246@ns.0xfe.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Date: Sat, 20 Sep 2003 08:43:02 +0100
Topicbox-Message-UUID: 3d698964-eacc-11e9-9e20-41e7f4b1d025

>>I found it disheartening, but interesting nonetheless.

as far as i could tell:
	- the only `buffer overflow' exploited was one in his own program
	- the technique used will work on any conventional architecture that implements C;
	- all he did was work out the details of Plan 9 system call conventions, rather painfully
	   (he could just look at the mkfile)
	- he's learnt enough acid to peep at code but claims he can't find the editor
	- he seems to think that factotum remembering a password he's had to give it is equivalent
		to opening the door to everyone
	- the author seems aggressively ignorant (fairly typical of failing students in my experience)
i'd say he's actually just trying to show off to his phellow phile-istines.

i thought it was splendid: it's written in a breathless, manic style that rushes so quickly
from each misconception to the next.