Date: Sun, 24 Nov 1996 20:27:00 -0700 (MST)
From: Marc Slemko <marcs@alive.ampr.ab.ca>
To: security@freebsd.org
Subject: cvs commit: ports/x11/XFree86 Makefile (fwd)
Message-ID: <Pine.BSF.3.95.961124194653.12070M-100000@alive.ampr.ab.ca>

As per the below commit, SuperProbe is no longer setuid root on FreeBSD.
I would highly recommend that you remove the setuid bit if it is installed
on your system; it is normally in /usr/X11R6/bin/SuperProbe if you have X
installed. 'chmod u-s /usr/X11R6/bin/SuperProbe' will do the trick.

There are at least two possible buffer overflows which are trivial to find
by looking through the source. I have not investigated them fully to
determine if they are exploitable; they are not exploitable using the more
common methods, but they could still be exploitable.

By removing the setuid bit, the net result is that non-root users can't
probe your video chip. Funny, but to me that is a good thing not a bad
thing.

---------- Forwarded message ----------
Date: Sun, 24 Nov 1996 18:29:27 -0800 (PST)
From: Jean-Marc Zucconi <jmz@freefall.freebsd.org>
To: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org,
    cvs-ports@freefall.freebsd.org
Subject: cvs commit: ports/x11/XFree86 Makefile

jmz         96/11/24 18:29:27

  Modified:    x11/XFree86 Makefile
  Log:
  Remove the suid bit of SuperProbe.
  According to Marc Slemko (marcs@alive.ampr.ab.ca) there are potential
  security holes in SuperProbe and it is not going to be setuid in the
  next release.

  Revision  Changes    Path
  1.23      +2 -1      ports/x11/XFree86/Makefile
