Date: Mon, 18 Dec 2000 12:49:49 -0500
From: Mike Tancsa
To: Kris Kennaway
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:77.procfs
Message-Id: <5.0.1.4.0.20001218124818.01cf9040@marble.sentex.ca>
In-Reply-To: <20001218082209.C29592@citusc.usc.edu>

At 08:22 AM 12/18/00 -0800, Kris Kennaway wrote:
>On Mon, Dec 18, 2000 at 07:14:09PM +0300, Vladimir Dubrovin wrote:
> > Hello FreeBSD Security Advisories,
> >
> > As far as I remember this issue was patched twice - in 1997 and in
> > January 2000. Do I miss something?
>
>There have been other vulnerabilities in procfs in the past. There may
>be others discovered in the future..it's what you might call "risky
>code".

Apart from not mounting it, does mounting it readonly make any difference?

proc /proc procfs r 0 0

instead of

proc /proc procfs rw 0 0

What does one lose these days on 4.x not mounting it by default?

        ---Mike