Date: Sun, 9 Nov 2003 03:28:08 -0800 From: Kris Kennaway <kris@obsecurity.org> To: kirt <krs@gaultopia.org> Cc: freebsd-questions@freebsd.org Subject: Re: vulnerability in su? Message-ID: <20031109112808.GA94834@xor.obsecurity.org> In-Reply-To: <20031109012325.GD829@yttrium.gaultopia.org> References: <20031109012325.GD829@yttrium.gaultopia.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Sat, Nov 08, 2003 at 08:23:25PM -0500, kirt wrote: > is this a known issue? i didn't search to hard for a fix or anything since i quickly > fixed it myself, but i thought that a situation like that could make for some interesting > (read *bad*) situations. It's certainly possible to compromise your system in this way if you incorrectly update your /etc (e.g. by making a mistake with mergemaster). Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/riTIWry0BWjoQKURApy4AKCo5f1uccuLnLjy4rpCsmw7xCpmtwCg1Y1E Ei9Y8i5NV0ZyUc46Vw5Kues= =zVqx -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031109112808.GA94834>