Date:      Tue, 4 Feb 97 10:00:58 CST
From:      Joe Greco <jgreco@solaria.sol.net>
To:        karl@Mcs.Net (Karl Denninger)
Cc:        spork@super-g.com, danny@panda.hilink.com.au, security@FreeBSD.ORG
Subject:   Re: Question: 2.1.7?
Message-ID:  <199702041600.KAA00609@solaria.sol.net>
In-Reply-To: <199702041551.JAA18527@Jupiter.Mcs.Net> from "Karl Denninger" at Feb 4, 97 09:51:23 am

> Warning!
> 
> There are static-linked executables which are shipped SUID with most FreeBSD
> implementations.  THESE MUST BE RECOMPILED ALSO!
> 
> Make very, very sure you don't have any old SUID executables laying around.
> If you do, you're vulnerable even with a libc fix.

Warning!

You pretty much have to recompile the entire system, to be safe.

Otherwise there will come a time when someone discovers a vulnerability
due to a non-SUID executable being forked off (perhaps several layers deep)
by a SUID program or other program being run by root...

Paranoid?  Yes.  True?  Sadly.

I am very interested in this whole topic...

... Joe

-------------------------------------------------------------------------------
Joe Greco - Systems Administrator			      jgreco@ns.sol.net
Solaria Public Access UNIX - Milwaukee, WI			   414/342-4847
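
An added example, not part of the original message: one way to audit for the static-linked SUID executables the quoted warning describes, listing set-uid/set-gid files that carry their own copy of libc and predate the fix. It assumes ELF binaries as on current systems (FreeBSD of this era used a.out) and uses file mtime as a rough stand-in for "rebuilt since the fix"; `is_static_elf`, `audit_setid` and `libc_fixed_at` are names made up for this sketch.

```python
import os, stat, struct, sys, time

PT_INTERP = 3  # program header type naming the runtime linker

def is_static_elf(path):
    """True: ELF without PT_INTERP (libc linked in). False: dynamic. None: not ELF."""
    with open(path, "rb") as f:
        head = f.read(64)
        if len(head) < 52 or head[:4] != b"\x7fELF":
            return None
        end = "<" if head[5] == 1 else ">"            # EI_DATA: byte order
        is64 = head[4] == 2                            # EI_CLASS: 2 means ELF64
        if is64 and len(head) < 64:
            return None
        fmt = "HHIQQQIHHHHHH" if is64 else "HHIIIIIHHHHHH"
        fields = struct.unpack_from(end + fmt, head, 16)
        phoff, phentsize, phnum = fields[4], fields[8], fields[9]
        for i in range(phnum):
            f.seek(phoff + i * phentsize)
            raw = f.read(4)                            # p_type comes first in both classes
            if len(raw) == 4 and struct.unpack(end + "I", raw)[0] == PT_INTERP:
                return False
    return True

def audit_setid(root, libc_fixed_at):
    """Return sorted (path, static, stale) for every set-uid/set-gid regular file."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)                        # lstat: symlinks are skipped
            if not (stat.S_ISREG(st.st_mode) and st.st_mode & (stat.S_ISUID | stat.S_ISGID)):
                continue
            try:
                static = is_static_elf(path)
            except OSError:
                static = None                          # unreadable: review by hand
            findings.append((path, static, st.st_mtime < libc_fixed_at))
    return sorted(findings)

if __name__ == "__main__":
    # usage: audit.py ROOT FIX_EPOCH  (FIX_EPOCH: when the fixed libc was installed)
    root = sys.argv[1] if len(sys.argv) > 1 else "/usr"
    cutoff = float(sys.argv[2]) if len(sys.argv) > 2 else time.time()
    for path, static, stale in audit_setid(root, cutoff):
        if static and stale:
            print("RECOMPILE (static, predates fix):", path)
        elif static is None:
            print("review (not ELF or unreadable):", path)
```

This covers only the set-id files from the quoted warning; binaries that root or a SUID program later executes are outside what it checks.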


