From owner-freebsd-security Thu Aug 27 12:45:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA12512 for freebsd-security-outgoing; Thu, 27 Aug 1998 12:45:15 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from indigo.ie (ts04-067.dublin.indigo.ie [194.125.148.197]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA12456 for ; Thu, 27 Aug 1998 12:45:04 -0700 (PDT) (envelope-from rotel@indigo.ie) Received: (from nsmart@localhost) by indigo.ie (8.8.8/8.8.7) id UAA01055; Thu, 27 Aug 1998 20:37:21 +0100 (IST) (envelope-from rotel@indigo.ie) From: Niall Smart Message-Id: <199808271937.UAA01055@indigo.ie> Date: Thu, 27 Aug 1998 20:37:16 +0000 In-Reply-To: ; Nicholas Charles Brawn Reply-To: rotel@indigo.ie X-Files: The truth is out there X-Mailer: Mail User's Shell (7.2.6 beta(3) 11/17/96) To: Nicholas Charles Brawn , freebsd-security@FreeBSD.ORG Subject: Re: trusted path execution patch Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Aug 26, 2:32am, Nicholas Charles Brawn wrote: } Subject: trusted path execution patch > For those not familiar with route's patch (Phrack 52, article 6), it > limits the execution of binaries to those in directories designated as > "trusted". That being (in this case), those that aren't writable by > group or other, and are owned by either root, bin, or have the gid of a > "trusted" group. So are you going to audit all those utilities in the trusted path for buffer overflows? Niall -- Niall Smart, rotel@indigo.ie. Amaze your friends and annoy your enemies: echo '#define if(x) if (!(x))' >> /usr/include/stdio.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message