Date: Mon, 4 Aug 1997 13:36:48 -0400 (EDT) From: Nathan Dorfman <nathan@rtfm.net> To: ports@FreeBSD.org Cc: obrien@NUXI.com Subject: Serious Problem in icmpinfo-1.11 Port Message-ID: <199708041736.NAA12428@limbo.rtfm.net>
next in thread | raw e-mail | index | archive | help
Here is the last couple of lines of a make install for icmpinfo-1.11 ports as included in 3.0-970718-SNAP: ===> Installing for icmpinfo-1.11 install -c -s -o bin -g bin -m 555 /usr/ports/net/icmpinfo/work/icmpinfo-1.11/icmpinfo /usr/local/bin /usr/sbin/chown root /usr/local/bin /* umm, ok */ /bin/chmod 4555 /usr/local/bin /* umm, not ok! */ install -c -o bin -g bin -m 444 /usr/ports/net/icmpinfo/work/icmpinfo-1.11/icmpinfo.man /usr/local/man/man1/icmpinfo.1 install -c -o bin -g bin -m 444 /usr/ports/net/icmpinfo/work/icmpinfo-1.11/README /usr/local/share/doc/icmpinfo ===> Compressing manual pages for icmpinfo-1.11 ===> Registering installation for icmpinfo-1.11 If you look at the 2nd and 4th lines, it makes /usr/local/bin setuid root! Probably in an attempt to make icmpinfo setuid root: # ls -ld /usr/local/bin dr-sr-xr-x 2 root wheel 5632 Aug 4 13:25 /usr/local/bin Anyone else see something like this?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708041736.NAA12428>