I was wondering if anyone has had any experience compiling
the firewall toolkit under Nextstep (not an ideal platform for
this kinda stuff I know, but we're using it for reasons outside
my control).
I've managed to get it to compile, after changing a couple of
things in Makefile.config and firewall.h, and it appears to
work fine.
I'm not sure to what extent Nextstep is vulnerable to the syslog()
problem - I tried one of the few programs floating around that
tests for the vulnerability, and I get seg. faults when 8k or more
is passed to it. (NS3.3 on i486)
I modified smap.c to not accept to/from lines >1024 bytes, and
I linked the entire toolkit against newlog-1.0, which supposedly
does bounds checking on syslog() - getting it to compile on Nextstep
was a bit awkward (had to grab sys/cdefs.h off FreeBSD, define
STDERR_FILENO or something I can't quite remember :)) but it (again)
appears to be working fine.
Does anyone have any comments on this? I'm admiteddly a newbie
when it comes to C :)
regards,
luke.
|
|
