Date: Wed, 1 Sep 1999 10:49:08 -0600 (MDT) From: Paul Hart <hart@iserver.com> To: freebsd-security@freebsd.org Subject: No patch yet for fts? Message-ID: <Pine.BSF.3.96.990901103524.21985B-100000@anchovy.orem.iserver.com>
next in thread | raw e-mail | index | archive | help
It looks like we've got kernel patches now to prevent core dumps from
following symbolic links which is excellent, but has anyone looked at
committing OpenBSD's fts(3) patch? See:
http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=199908271534.JAA27164@xerxes.cs.colorado.edu
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c?r1=1.18&r2=1.19
It looks like integrating that patch would allow us to put this entire fts
hole behind us for good.
Paul Hart
--
Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc.
hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990901103524.21985B-100000>