From owner-freebsd-security Mon Jan 29 22:11:18 2001
Delivered-To: freebsd-security@freebsd.org
Received: from green.dyndns.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id B4A9A37B698 for ; Mon, 29 Jan 2001 22:10:39 -0800 (PST)
Received: from localhost (7h1k9s@localhost [127.0.0.1]) by green.dyndns.org (8.11.1/8.11.1) with ESMTP id f0U69Cf70017 for ; Tue, 30 Jan 2001 01:09:48 -0500 (EST) (envelope-from green@FreeBSD.org)
Message-Id: <200101300609.f0U69Cf70017@green.dyndns.org>
X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4
X-Exmh-Isig-CompType: repl
X-Exmh-Isig-Folder: security
To: security@FreeBSD.org
Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]
In-Reply-To: Message from FreeBSD Security Advisories of "Mon, 29 Jan 2001 13:06:31 PST." <20010129210631.015E137B698@hub.freebsd.org>
From: "Brian F. Feldman"
Mime-Version: 1.0
Content-Type: text/plain
Date: Tue, 30 Jan 2001 01:09:11 -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Actually, there were two issues. One was that the permissions weren't dropped totally on the way to opening the .fakeid file, and the other was that it was not read in a way that would be guaranteed not to block, so by creating a named pipe, the user could hang an inetd child. I don't remember which was reported and which I discovered as a result of fixing the other, BTW. The advisory really should incorporate at least both issues...
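
The second issue in the message above (a read that can block on a named pipe) is illustrated below as an added example; it is not code from the message, from inetd or from the FreeBSD fix. The helper name read_user_file, the demo function and its temporary paths are hypothetical, and the caller is assumed to have already dropped privileges to the target user.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: read a small user-controlled file without blocking.
 * Assumes the caller already runs with the file owner's credentials. */
ssize_t read_user_file(const char *path, char *buf, size_t len)
{
    struct stat st;
    ssize_t n;
    /* O_NONBLOCK: opening a FIFO that has no writer returns at once.
     * O_NOFOLLOW: refuse a symlink as the final path component. */
    int fd = open(path, O_RDONLY | O_NONBLOCK | O_NOFOLLOW);

    if (fd < 0)
        return -1;
    /* Check the open descriptor, not the path, so the file cannot be
     * swapped between the check and the read. */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    n = read(fd, buf, len);
    close(fd);
    return n;
}

/* Constructed sample input: one FIFO and one regular file in a temp dir.
 * Returns 1 when the FIFO is rejected and the regular file is read. */
int demo(void)
{
    char dir[] = "/tmp/fakeidXXXXXX", p[64], buf[32];
    int ok = 1;
    FILE *f;

    if (mkdtemp(dir) == NULL)
        return 0;
    snprintf(p, sizeof p, "%s/fifo", dir);
    if (mkfifo(p, 0600) < 0 || read_user_file(p, buf, sizeof buf) != -1)
        ok = 0;                      /* FIFO must be refused, not waited on */
    unlink(p);
    snprintf(p, sizeof p, "%s/reg", dir);
    if ((f = fopen(p, "w")) != NULL) { fputs("alice\n", f); fclose(f); }
    if (read_user_file(p, buf, sizeof buf) != 6)
        ok = 0;                      /* regular file: 6 bytes come back */
    unlink(p); rmdir(dir);
    return ok;
}
```

Without O_NONBLOCK the open() on the FIFO would wait for a writer indefinitely, which is the hang the message describes.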