From owner-freebsd-stable Sat Jul 21 14: 7:17 2001 Delivered-To: freebsd-stable@freebsd.org Received: from freeway.dcfinc.com (cx74889-a.phnx3.az.home.com [24.1.193.157]) by hub.freebsd.org (Postfix) with ESMTP id 267EF37B405 for ; Sat, 21 Jul 2001 14:07:15 -0700 (PDT) (envelope-from chad@freeway.dcfinc.com) Received: (from chad@localhost) by freeway.dcfinc.com (8.8.8/8.8.8) id OAA18985; Sat, 21 Jul 2001 14:04:25 -0700 (MST) (envelope-from chad) Date: Sat, 21 Jul 2001 14:04:25 -0700 From: "Chad R. Larson" To: Mike Meyer Cc: "Chad R. Larson" , Chris Faulhaber , Tom , admin@kremilek.gyrec.cz, freebsd-stable@FreeBSD.ORG Subject: Re: probably remote exploit Message-ID: <20010721140425.B18907@freeway.dcfinc.com> References: <20010720111551.A12442@freeway.dcfinc.com> <20010720141820.C47930@peitho.fxp.org> <20010720140331.A12903@freeway.dcfinc.com> <15192.57986.777597.940024@guru.mired.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <15192.57986.777597.940024@guru.mired.org>; from mwm@mired.org on Fri, Jul 20, 2001 at 09:01:38PM -0500 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > The bottom line is that you need to do the > cvsup/buildworld/installworld with binaries that you trust. That > means either ones that were checksummed before the break-in, or ones > off a release cdrom. I still believe only the CVSup binary itself would have to be off a CD or match the checksum of a CD version (said checksum computed on some other machine, I suppose). After that, the sup/build/install process should be clean. -crl -- Chad R. Larson (CRL15) 602-953-1392 Brother, can you paradigm? chad@dcfinc.com chad@larsons.org larson1@home.com DCF, Inc. - 14623 North 49th Place, Scottsdale, Arizona 85254-2207 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message