Date: Tue, 5 Sep 2000 10:23:12 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> Cc: freebsd-security@freebsd.org, security-officer@freebsd.org Subject: Re: UNIX locale format string vulnerability (fwd) Message-ID: <Pine.BSF.4.21.0009051020390.17724-100000@freefall.freebsd.org> In-Reply-To: <200009051354.e85Dshb28813@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 5 Sep 2000, Cy Schubert - ITSD Open Systems Group wrote:
> Wouldn't a FreeBSD system with Linux compatibility being utilised be
> vulnerable too?
Yes, but only if you've installed a vulnerable linux binary which is
setuid or setgid something. We don't install any set[ug]id binaries in the
linux_base or linux_devtools ports.
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009051020390.17724-100000>