Date: Thu, 11 Oct 2001 21:07:46 +0800 From: Eugene Grosbein <eugen@grosbein.pp.ru> To: Max Khon <fjoe@iclub.nsu.ru> Cc: security@FreeBSD.ORG Subject: Re: [security-advisories@FreeBSD.ORG: FreeBSD Security Advisory FreeBSD-SA-01:62.uucp] Message-ID: <20011011210746.A743@grosbein.pp.ru> In-Reply-To: <20011011194407.A14596@iclub.nsu.ru>; from fjoe@iclub.nsu.ru on Thu, Oct 11, 2001 at 07:44:07PM %2B0700 References: <20011011194407.A14596@iclub.nsu.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Oct 11, 2001 at 07:44:07PM +0700, Max Khon wrote: > ============================================================================= > FreeBSD-SA-01:62 Security Advisory > FreeBSD, Inc. > > Topic: UUCP allows local root exploit > > [...] > > any objections if I commit this to RELENG_3? > > proposed patch attached > > /fjoe > --- gnu/libexec/uucp/cu/Makefile.orig Sun Aug 29 22:29:20 1999 > +++ gnu/libexec/uucp/cu/Makefile Tue Oct 9 10:12:37 2001 > @@ -12,6 +12,7 @@ > DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP) > CFLAGS+= -I$(.CURDIR)/../common_sources\ > -DVERSION=\"$(VERSION)\" > +INSTALLFLAGS+= -fschg > > .include <bsd.prog.mk> > .PATH: $(.CURDIR)/../common_sources > --- gnu/libexec/uucp/uucp/Makefile.orig Sun Aug 29 22:30:38 1999 > +++ gnu/libexec/uucp/uucp/Makefile Tue Oct 9 10:12:37 2001 > @@ -11,6 +11,7 @@ > DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP) > CFLAGS+= -I$(.CURDIR)/../common_sources\ > -DVERSION=\"$(VERSION)\" > +INSTALLFLAGS+= -fschg > > .include <bsd.prog.mk> > .PATH: $(.CURDIR)/../common_sources > --- gnu/libexec/uucp/uuname/Makefile.orig Sun Aug 29 22:30:42 1999 > +++ gnu/libexec/uucp/uuname/Makefile Tue Oct 9 10:12:37 2001 > @@ -11,7 +11,7 @@ > DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP) > CFLAGS+= -I$(.CURDIR)/../common_sources\ > -DVERSION=\"$(VERSION)\" > - > +INSTALLFLAGS+= -fschg > > .include <bsd.prog.mk> > .PATH: $(.CURDIR)/../common_sources > --- gnu/libexec/uucp/uustat/Makefile.orig Sun Aug 29 22:30:49 1999 > +++ gnu/libexec/uucp/uustat/Makefile Tue Oct 9 10:12:37 2001 > @@ -13,6 +13,7 @@ > CFLAGS+= -I$(.CURDIR)/../common_sources\ > -DOWNER=\"$(owner)\"\ > -DVERSION=\"$(VERSION)\" > +INSTALLFLAGS+= -fschg > > .include <bsd.prog.mk> > .PATH: $(.CURDIR)/../common_sources > --- gnu/libexec/uucp/uux/Makefile.orig Sun Aug 29 22:30:54 1999 > +++ gnu/libexec/uucp/uux/Makefile Tue Oct 9 10:12:37 2001 > @@ -11,6 +11,7 @@ > DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP) > CFLAGS+= -I$(.CURDIR)/../common_sources\ > -DVERSION=\"$(VERSION)\" > +INSTALLFLAGS+= -fschg > > .include <bsd.prog.mk> > .PATH: $(.CURDIR)/../common_sources > --- etc/periodic/daily/410.status-uucp.orig Tue Oct 9 10:09:11 2001 > +++ etc/periodic/daily/410.status-uucp Tue Oct 9 10:12:11 2001 > @@ -8,4 +8,5 @@ > echo "UUCP status:" > > - uustat -a > + (echo "/usr/bin/uustat -a" | su -fm uucp ) This line must be changed to + echo "/usr/bin/uustat -a" | su -fm uucp e.g ()'s must be omitted. > fi > --- usr.bin/tip/tip/Makefile.orig Mon Sep 21 16:41:35 1998 > +++ usr.bin/tip/tip/Makefile Tue Oct 9 10:12:37 2001 > @@ -21,6 +21,7 @@ > MAN5= modems.5 > SRCS= acu.c acutab.c cmds.c cmdtab.c cu.c hunt.c log.c partab.c \ > remote.c tip.c tipout.c value.c vars.c > +INSTALLFLAGS+= -fschg > > BINDIR?= /usr/bin > BINOWN= uucp Eugene To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011011210746.A743>