From owner-cvs-all  Fri Oct 19 10:57:20 2001
Delivered-To: cvs-all@freebsd.org
Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18])
	by hub.freebsd.org (Postfix) with ESMTP
	id B110F37B40F; Fri, 19 Oct 2001 10:57:07 -0700 (PDT)
Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [fec0::1:12])
	by Awfulhak.org (8.11.6/8.11.6) with ESMTP id f9JHv5T17254;
	Fri, 19 Oct 2001 18:57:05 +0100 (BST)
	(envelope-from brian@freebsd-services.com)
Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
	by hak.lan.Awfulhak.org (8.11.6/8.11.6) with ESMTP id f9JHv2b02907;
	Fri, 19 Oct 2001 18:57:02 +0100 (BST)
	(envelope-from brian@freebsd-services.com)
Message-Id: <200110191757.f9JHv2b02907@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4
To: Ruslan Ermilov <ru@FreeBSD.org>
Cc: Brian Somers <brian@freebsd-services.com>,
	Brian Somers <brian@FreeBSD.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org, brian@freebsd-services.com
Subject: Re: cvs commit: src/usr.sbin/ppp arp.c 
In-Reply-To: Message from Ruslan Ermilov <ru@FreeBSD.org> 
   of "Fri, 19 Oct 2001 20:39:48 +0300." <20011019203948.J24666@sunbay.com> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 19 Oct 2001 18:57:02 +0100
From: Brian Somers <brian@freebsd-services.com>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

> On Fri, Oct 19, 2001 at 06:18:09PM +0100, Brian Somers wrote:
> > > On Fri, Oct 19, 2001 at 09:52:15AM -0700, Brian Somers wrote:
> > > > brian       2001/10/19 09:52:15 PDT
> > > > 
> > > >   Modified files:        (Branch: NETGRAPH)
> > > >     usr.sbin/ppp         arp.c 
> > > >   Log:
> > > >   MFC: Write static arp entries as uid 0
> > > >   
> > > >   Revision  Changes    Path
> > > >   1.38.2.4  +2 -2      src/usr.sbin/ppp/arp.c
> > > > 
> > > So that was indeed required after my rtsock.c changes?
> > 
> > Yes - previously ppp used to depend on the fact that it opened the 
> > SOCK_RAW socket as uid 0.  Now it must have uid 0 when it writes to 
> > the socket too.
> > 
> I recall telling you that OpenBSD should be vulnerable to this
> too, and you told you'll have to check this.

The OpenBSD code *looks* like it needs it too (and it now has it).  I 
haven't tested this yet though.

> Cheers,
> -- 
> Ruslan Ermilov		Oracle Developer/DBA,
> ru@sunbay.com		Sunbay Software AG,
> ru@FreeBSD.org		FreeBSD committer,
> +380.652.512.251	Simferopol, Ukraine
> 
> http://www.FreeBSD.org	The Power To Serve
> http://www.oracle.com	Enabling The Information Age

-- 
Brian <brian@freebsd-services.com>                <brian@Awfulhak.org>
      http://www.freebsd-services.com/        <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour !      <brian@[uk.]OpenBSD.org>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message