From owner-freebsd-questions@FreeBSD.ORG Thu May 27 04:46:57 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B7E1116A4DE for ; Thu, 27 May 2004 04:46:55 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id E958743D3F for ; Thu, 27 May 2004 04:46:54 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) i4RBk2Tg010571 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 27 May 2004 12:46:02 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id i4RBk2Sc010570; Thu, 27 May 2004 12:46:02 +0100 (BST) (envelope-from matthew) Date: Thu, 27 May 2004 12:46:02 +0100 From: Matthew Seaman To: Richard Stevenson Message-ID: <20040527114602.GC9499@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Richard Stevenson , questions@freebsd.org References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="YD3LsXFS42OYHhNZ" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i X-Virus-Scanned: clamd / ClamAV version devel-20040525, clamav-milter version 0.71 X-Virus-Status: Clean X-Spam-Status: No, hits=-4.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on happy-idiot-talk.infracaninophile.co.uk cc: questions@freebsd.org Subject: Re: your mail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2004 11:46:58 -0000 --YD3LsXFS42OYHhNZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, May 27, 2004 at 10:36:48AM +1200, Richard Stevenson wrote: > I've got a quick question about the most recent security advisory,=20 > FreeBSD-SA-04:11.msync. I'm trying to figure out how big an issue it is= =20 > (whether or not I need to stop everyone's access to the file server until= =20 > it's patched), given that we've got no "untrusted" users on our systems.= =20 > Does anyone know if it's possible for a user to trigger this problem=20 > unintentionally or accidentally? You user would have to run some code programmed specially to produce the effect. Look at this thread on freebsd-hackers to see the problem report that ultimately resulted in the security advisory: http://lists.freebsd.org/pipermail/freebsd-hackers/2004-March/006396.ht= ml As you can see, the first discovery was due to inadvertently triggering the behaviour. However, if the problem isn't happening to you already, and you trust your users to the extent that they will not deliberately set out to trigger such a thing, then you can probably get away allowing your users to carry on accesssing your file server for a while longer. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --YD3LsXFS42OYHhNZ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAtdT6iD657aJF7eIRAiWFAJ9E5UlM1gDN2ksumXpP5CrQG/HIcgCffqrO dlzzyz2KfixVpQwkENuQEJ0= =dGQ6 -----END PGP SIGNATURE----- --YD3LsXFS42OYHhNZ--