From owner-freebsd-security Thu Aug 17 18:41:21 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 36B7037B626; Thu, 17 Aug 2000 18:41:06 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id RAA02211; Thu, 17 Aug 2000 17:04:53 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Thu, 17 Aug 2000 17:04:53 -0700 (PDT) From: Kris Kennaway To: Cy Schubert - ITSD Open Systems Group Cc: freebsd-security@freebsd.org Subject: Re: Group-writable executable in OpenLDAP (fwd) In-Reply-To: <200008171315.e7HDFSh12972@cwsys.cwsent.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 17 Aug 2000, Cy Schubert - ITSD Open Systems Group wrote: > Still catching up on email after 4 weeks of vacation and noticed this > BUGTRAQ gem in my inbox. Our OpenLDAP port needs to be fixed to > address this. It's already fixed, but this is only of minor importance on FreeBSD since it's owned by group wheel, and on most installations the people who are in that group know the root password anyway. There are a number of other ports which install files writable by the wheel group - I've been going through and fixing them for the past few days. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message