From owner-freebsd-security  Fri Aug 27 10: 0:38 1999
Delivered-To: freebsd-security@freebsd.org
Received: from inet.chip-web.com (c1003518-a.plstn1.sfba.home.com [24.1.82.47])
	by hub.freebsd.org (Postfix) with SMTP id 265D215F18
	for <freebsd-security@FreeBSD.ORG>; Fri, 27 Aug 1999 10:00:29 -0700 (PDT)
	(envelope-from ludwigp@bigfoot.com)
Received: (qmail 4945 invoked from network); 27 Aug 1999 17:00:49 -0000
Received: from furball.chip-web.com (HELO bigfoot.com) (172.16.1.29)
  by inet.chip-web.com with SMTP; 27 Aug 1999 17:00:49 -0000
Message-ID: <37C6C42E.78E600F4@bigfoot.com>
Date: Fri, 27 Aug 1999 10:00:30 -0700
From: Ludwig Pummer <ludwigp@bigfoot.com>
X-Mailer: Mozilla 4.61 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Eivind Eklund <eivind@FreeBSD.ORG>
Cc: Fernando Schapachnik <fpscha@via-net-works.net.ar>,
	freebsd-security@FreeBSD.ORG
Subject: Re: [secure@FREEBSD.LUBLIN.PL: FreeBSD (and other BSDs?) local root 
 explot]
References: <199908261758.KAA94925@burka.rdy.com> <199908271214.JAA00774@ns1.sminter.com.ar> <19990827142016.U79110@bitbox.follo.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



Eivind Eklund wrote:
> 
> On Fri, Aug 27, 1999 at 09:14:22AM -0300, Fernando Schapachnik wrote:
> > Patches for 2.2.8 are too much asking?
> 
> Yes - 2.2.8 doesn't have the problem (AFAIK, at least - feel free to
> test it if you have easy access and time).

It was pointed out yesterday that 3 conditions need to be present for
this to be exploitable, and 2.2.8 doesn't have at least one of the
conditions (core dump won't follow symlinks in 2.2.8).

--Ludwig Pummer <ludwigp@bigfoot.com>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message