From owner-freebsd-questions  Sat Feb  8 17:02:47 1997
Return-Path: <owner-questions>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id RAA12129
          for questions-outgoing; Sat, 8 Feb 1997 17:02:47 -0800 (PST)
Received: from narcissus.ml.org (root@brosenga.Pitzer.edu [134.173.120.201])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA12114
          for <freebsd-questions@freebsd.org>; Sat, 8 Feb 1997 17:02:31 -0800 (PST)
Received: (from ben@localhost) by narcissus.ml.org (8.7.5/8.7.3) id RAA07214; Sat, 8 Feb 1997 17:02:24 -0800 (PST)
Date: Sat, 8 Feb 1997 17:02:24 -0800 (PST)
From: Snob Art Genre <ben@narcissus.ml.org>
To: "T. William Wells" <bill@twwells.com>
cc: freebsd-questions@freebsd.org
Subject: Re: 2.1.7 binaries and 2.1.5 system
In-Reply-To: <m0vtNXP-0000sRC@twwells.com>
Message-ID: <Pine.BSF.3.91.970208170122.7209A-100000@narcissus.ml.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sat, 8 Feb 1997, T. William Wells wrote:

> I want to do a quick substitution of the 2.1.7 setuid programs
> (when 2.1.7 comes out) into my 2.1.5 system, as I don't have the
> time to do a full upgrade. Any caveats?

Yes: a privileged program can run an unprivileged program that still has
the problems.  So to be secure, you'll want to replace all
statically-linked binaries. 



 Ben

"You have your mind on computers, it seems."