From owner-freebsd-security Sun Aug 10 06:53:34 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id GAA21625 for security-outgoing; Sun, 10 Aug 1997 06:53:34 -0700 (PDT)
Received: from bitbox.follo.net (eivind@bitbox.follo.net [194.198.43.36]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA21620 for ; Sun, 10 Aug 1997 06:53:31 -0700 (PDT)
Received: (from eivind@localhost) by bitbox.follo.net (8.8.5/8.7.3) id PAA04930; Sun, 10 Aug 1997 15:51:54 +0200 (CEST)
Date: Sun, 10 Aug 1997 15:51:54 +0200 (CEST)
Message-Id: <199708101351.PAA04930@bitbox.follo.net>
From: Eivind Eklund
To: Brian Mitchell
CC: bugtraq@netspace.org, freebsd-security@FreeBSD.ORG
In-reply-to: Brian Mitchell's message of Sun, 10 Aug 1997 05:37:40 -0400 (EDT)
Subject: Re: procfs hole
References:
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>
> There is a major hole in procfs under FreeBSD 2.2.1 (2.1 is not affected,
> I have not tested 3.x but I believe it to be vulnerable as well) along
> with OpenBSD (not tested by me, but by someone else -- believe it was
> 2.1-RELEASE although obsd doesn't mount procfs by default like freebsd
> does).

Temporary fix: Disable the /proc filesystem. Setting ro instead of rw
in /etc/fstab or chmod'ing on the mountpoint do _not_ work.

Eivind, looking for a proper fix, but not expecting to get there
before David.
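
Added example, not part of the original message: a small fstab audit that applies the caveat above, reporting any active procfs entry as exposed even when it is mounted ro, and treating only a removed or commented-out entry as disabled. The function names and the sample fstab contents are constructed for illustration; the fstab column layout (device, mountpoint, fstype, options, dump, pass) is assumed.

```shell
#!/bin/sh
# Added example (not from the original message).
# The message's mitigation is to disable /proc entirely; "ro" is not enough,
# so every active procfs line is reported, read-only or not.

# audit_procfs_fstab FILE
#   Prints "EXPOSED <mountpoint> <options>[ (ro does not mitigate)]" for each
#   active procfs entry. Returns 0 if none, 1 if any, 2 if FILE is unreadable.
audit_procfs_fstab() {
    [ -r "$1" ] || return 2
    awk '
        /^[ \t]*#/ { next }          # commented out: entry is disabled
        NF < 4     { next }          # blank or incomplete line
        $3 == "procfs" {
            note = ""
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++)
                if (opt[i] == "ro") note = " (ro does not mitigate)"
            printf "EXPOSED %s %s%s\n", $2, $4, note
            found = 1
        }
        END { exit (found ? 1 : 0) }
    ' "$1"
}

# Constructed sample input (hypothetical devices and mountpoints).
write_sample_fstab() {
    cat > "$1" <<'EOF'
/dev/sd0a   /       ufs     rw  1 1
proc        /proc   procfs  ro  0 0
#proc       /mnt/p  procfs  rw  0 0
EOF
}

# Run the audit over the constructed sample and show the exit status.
demo() {
    f=$(mktemp) || return 1
    write_sample_fstab "$f"
    rc=0
    audit_procfs_fstab "$f" || rc=$?
    rm -f "$f"
    echo "status=$rc"
}
demo
```

The audit only covers what will be mounted at the next boot; a procfs that is already mounted stays mounted until it is unmounted.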