Date: Tue, 7 Jan 2003 12:41:07 -0600 From: Mike Meyer <mwm-dated-1042396868.c58ddd@mired.org> To: Mark <admin@asarian-host.net> Cc: questions@freebsd.org Subject: Re: security vulnerability in dump Message-ID: <15899.8003.614686.55789@guru.mired.org> In-Reply-To: <200301071835.H07IZMJ40741@asarian-host.net> References: <200301071548.H07FM0J93369@asarian-host.net> <20030107180013.D14422@slave.east.ath.cx> <200301071835.H07IZMJ40741@asarian-host.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Mark, > When dumping to a file, dump writes this file chmod 644. When the > root-partition is being backed-up, this leaves the dump-file vulnerable > to scanning by unprivileged users for the duration of the dump. This is an important issue you've found in dump. Please submit a PR with the send-pr command so the security people will see it. They may read this list, but they may not. They do read PR's flagged as security issues. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/consulting.html Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15899.8003.614686.55789>