From owner-freebsd-security  Wed Sep 15 19:20:51 1999
Delivered-To: freebsd-security@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP id 20343153CF
	for <FreeBSD-security@FreeBSD.ORG>; Wed, 15 Sep 1999 19:20:46 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id UAA75319;
	Wed, 15 Sep 1999 20:20:45 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA17712; Wed, 15 Sep 1999 20:20:08 -0600 (MDT)
Message-Id: <199909160220.UAA17712@harmony.village.org>
To: GregoryC@stcinc.com
Subject: Re: FreeBSD-SA-99:01 File Flags and Man-In-The-Middle Attack 
Cc: FreeBSD-security@FreeBSD.ORG
In-reply-to: Your message of "Wed, 15 Sep 1999 08:43:13 PDT."
		<37DFBE91.A07AAF8B@stcinc.com> 
References: <37DFBE91.A07AAF8B@stcinc.com>  
Date: Wed, 15 Sep 1999 20:20:08 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <37DFBE91.A07AAF8B@stcinc.com> Gregory Carvalho writes:
: It appears to me that this exploit can be avoided by logging in as root
: on all virtual terminals and immediately logging back out. Does my
: theory sound correct?

No.  It is not.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message