Date: Sun, 10 Aug 1997 15:51:54 +0200 (CEST) From: Eivind Eklund <perhaps@yes.no> To: Brian Mitchell <brian@firehouse.net> Cc: bugtraq@netspace.org, freebsd-security@FreeBSD.ORG Subject: Re: procfs hole Message-ID: <199708101351.PAA04930@bitbox.follo.net> In-Reply-To: Brian Mitchell's message of Sun, 10 Aug 1997 05:37:40 -0400 (EDT) References: <Pine.NEB.3.96.970810052824.3287A-100000@apocalypse.saturn.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > There is a major hole in procfs under FreeBSD 2.2.1 (2.1 is not affected, > I have not tested 3.x but I believe it to be vulnerable as well) along > with OpenBSD (not tested by me, but by someone else -- believe it was > 2.1-RELEASE although obsd doesnt mount procfs by default like freebsd > does). Temporary fix: Disable the /proc filesystem. Setting ro instead of rw in /etc/fstab or chmod'ing on the mountpoint do _not_ work. Eivind, looking for a proper fix, but not expecting to get there before David.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708101351.PAA04930>