From owner-freebsd-security  Mon Dec 18 18:11: 3 2000
From owner-freebsd-security@FreeBSD.ORG  Mon Dec 18 18:11:00 2000
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123])
	by hub.freebsd.org (Postfix) with ESMTP
	id B653B37B400; Mon, 18 Dec 2000 18:11:00 -0800 (PST)
Received: (from kris@localhost)
	by citusc.usc.edu (8.9.3/8.9.3) id SAA02657;
	Mon, 18 Dec 2000 18:12:16 -0800
Date: Mon, 18 Dec 2000 18:12:16 -0800
From: Kris Kennaway <kris@FreeBSD.ORG>
To: Mike Tancsa <mike@sentex.net>
Cc: Kris Kennaway <kris@FreeBSD.ORG>, freebsd-security@FreeBSD.ORG
Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:77.procfs
Message-ID: <20001218181216.A2629@citusc.usc.edu>
References: <156200781518.20001218191409@sandy.ru> <20001218153619.071BE37B400@hub.freebsd.org> <156200781518.20001218191409@sandy.ru> <20001218082209.C29592@citusc.usc.edu> <5.0.1.4.0.20001218124818.01cf9040@marble.sentex.ca>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="tThc/1wpZn/ma/RB"
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <5.0.1.4.0.20001218124818.01cf9040@marble.sentex.ca>; from mike@sentex.net on Mon, Dec 18, 2000 at 12:49:49PM -0500
Sender: kris@citusc.usc.edu
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


--tThc/1wpZn/ma/RB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Dec 18, 2000 at 12:49:49PM -0500, Mike Tancsa wrote:
> At 08:22 AM 12/18/00 -0800, Kris Kennaway wrote:
> >On Mon, Dec 18, 2000 at 07:14:09PM +0300, Vladimir Dubrovin wrote:
> > > Hello FreeBSD Security Advisories,
> > >
> > > As  far  as  I  remember this issue was patched twice - in 1997 and in
> > > January 2000. Do I miss something?
> >
> >There have been other vulnerabilities in procfs in the past. There may
> >be others discovered in the future..it's what you might call "risky
> >code".
>=20
> Apart from not mounting it, does mounting it readonly make any difference=
 ?
> proc                   /proc           procfs  r              0       0
> instead of
> proc                   /proc           procfs  rw              0       0

Probably not.

> What does one loose these days on 4.x not mounting it by default ?

Not sure either.

Kris

--tThc/1wpZn/ma/RB
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6PsQAWry0BWjoQKURAgGTAJ9XcKe+NUmFhUwymreKAwwQ012J2QCgqh1d
tzBDLnkZj3ZWUc3N4Q2R0fA=
=jBjJ
-----END PGP SIGNATURE-----

--tThc/1wpZn/ma/RB--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message