Date: Mon, 25 May 1998 12:53:21 +0100 From: njs3@doc.ic.ac.uk (Niall Smart) To: Steve Price <steve@FreeBSD.ORG>, steve@hub.freebsd.org, freebsd-bugs@hub.freebsd.org Subject: Re: bin/6649 Message-ID: <E0ydvof-00055c-00@oak66.doc.ic.ac.uk> In-Reply-To: Steve Price <steve@FreeBSD.ORG> "Re: bin/6649" (May 24, 8:57pm)
next in thread | previous in thread | raw e-mail | index | archive | help
On May 24, 8:57pm, Steve Price wrote: } Subject: Re: bin/6649 > Synopsis: [PATCH] normal users can initiate gigantic ping floods > > Responsible-Changed-From-To: freebsd-bugs->steve > Responsible-Changed-By: steve > Responsible-Changed-When: Sun May 24 20:53:19 PDT 1998 > Responsible-Changed-Why: > Patch committed to -current, thanks! I will MFC if nobody > thinks of any problems with the patch. Steve, This issue was discussed on BUGTRAQ, you can check the archives at http://www.geek-girl.com/bugtraq/1998_2/0345.html. OpenBSD have developed a patch which addresses this issue in a more general way, I think it would be a good idea to check it out, you can find more information at http://www.openbsd.org/errata.html#kill. Their patch basically prevents the user from sending certain signals to set[ug]id processes. Niall To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0ydvof-00055c-00>