From owner-freebsd-security Wed Feb 5 10:15:03 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id KAA17128 for security-outgoing; Wed, 5 Feb 1997 10:15:03 -0800 (PST)
Received: from nic.follonett.no (nic.follonett.no [194.198.43.10]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA17035 for ; Wed, 5 Feb 1997 10:14:54 -0800 (PST)
Received: (from uucp@localhost) by nic.follonett.no (8.8.5/8.8.3) with UUCP id TAA02278; Wed, 5 Feb 1997 19:13:04 +0100 (MET)
Received: from oo7 (oo7.dimaga.com [192.0.0.65]) by dimaga.com (8.7.5/8.7.2) with SMTP id TAA18893; Wed, 5 Feb 1997 19:08:09 +0100 (MET)
Message-Id: <3.0.32.19970205190809.009ec770@dimaga.com>
X-Sender: eivind@dimaga.com
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Wed, 05 Feb 1997 19:08:10 +0100
To: tqbf@enteract.com
From: Eivind Eklund
Subject: Re: 2.1.6+++: crt0.c CRITICAL CHANGE
Cc: freebsd-security@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 05:43 PM 2/5/97 -0000, tqbf@enteract.com wrote:
>In article <3.0.32.19970205173026.0093c150@dimaga.com>, you wrote:
>>I was unable to find a call to any locale-function in 2.1.6 "at".
>
>That's because 2.1.x programs don't explicitly call setlocale() - they
>rely on crt0 start() to do that for them. FreeBSD 2.2's at(1) explicitly
>calls setlocale() from main(), before getopt.
>
>In 2.1.6, you're screwed until you fix crt0.c. In FreeBSD 2.2, prior to
>December, you're screwed until you remove the setlocale() call from at(1)
>or fix your locale routines.

... don't forget crontab, which will screw you (call setlocale) in 2.1.6
(and 2.2?), as setuid root.

The other programs on the list I posted here earlier today call setlocale,
but are not setuid, so they aren't _that_ dangerous.

Eivind Eklund / perhaps@yes.no / http://maybe.yes.no/perhaps/
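
An added example, not part of the thread: a shell triage that separates the two cases the reply distinguishes, files that reference setlocale and carry the setuid bit versus files that reference it without the bit. The HIGH/LOW labels, the function names and the sample file names are assumptions of this example; it matches the symbol name in the file's bytes, so a stripped, statically linked binary is missed.

```shell
#!/bin/sh
# Added example (not from the thread). Triage files by the two properties the
# message weighs: the setuid bit and a reference to setlocale().
# Heuristic: searches the file bytes for the symbol name, so a stripped,
# statically linked binary is not flagged.

# classify FILE: prints HIGH (setuid and references setlocale),
# LOW (references setlocale, not setuid) or NONE. Labels are this example's own.
classify() {
    if LC_ALL=C grep -q -e 'setlocale' -- "$1" 2>/dev/null; then
        if [ -u "$1" ]; then echo HIGH; else echo LOW; fi
    else
        echo NONE
    fi
}

# audit DIR: one "LABEL<TAB>path" line per flagged regular file, HIGH first.
audit() {
    find "$1" -type f 2>/dev/null | while IFS= read -r f; do
        label=$(classify "$f")
        if [ "$label" != NONE ]; then printf '%s\t%s\n' "$label" "$f"; fi
    done | LC_ALL=C sort
}

# make_sample DIR: constructed stand-ins for real binaries (names hypothetical).
make_sample() {
    mkdir -p "$1/bin"
    printf 'ELF\0_setlocale\0getopt\0' > "$1/bin/suid_tool"   # setuid + setlocale
    printf 'ELF\0_setlocale\0' > "$1/bin/plain_tool"          # setlocale only
    printf 'ELF\0getopt\0' > "$1/bin/suid_other"              # setuid, no setlocale
    chmod 4755 "$1/bin/suid_tool" "$1/bin/suid_other"
    chmod 0755 "$1/bin/plain_tool"
}

# Usage: sh audit.sh /usr/bin
if [ "$#" -gt 0 ]; then audit "$1"; fi
```

Files reported as HIGH are the ones to check first against a fixed crt0.c or fixed locale routines; add `-user root` to the `find` call to restrict the scan to root-owned files.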