From owner-freebsd-security Sun Apr 13 12:11:15 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA19397 for security-outgoing; Sun, 13 Apr 1997 12:11:15 -0700 (PDT) Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA19376; Sun, 13 Apr 1997 12:11:06 -0700 (PDT) Received: (from guido@localhost) by gvr.win.tue.nl (8.8.5/8.8.2) id VAA15840; Sun, 13 Apr 1997 21:10:24 +0200 (MET DST) From: Guido van Rooij Message-Id: <199704131910.VAA15840@gvr.win.tue.nl> Subject: Re: ftpd bug (yes, again..) In-Reply-To: from Warner Losh at "Apr 13, 97 12:54:31 pm" To: imp@village.org (Warner Losh) Date: Sun, 13 Apr 1997 21:10:24 +0200 (MET DST) Cc: vadim@tversu.ac.ru, freebsd-security@freebsd.org, freebsd-hackers@freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Warner Losh wrote: > In message <199704131851.UAA15689@gvr.win.tue.nl> Guido van Rooij writes: > : Warner Losh wrote: > : > In message <19970413113446.26166@tversu.ac.ru> Vadim Kolontsov writes: > : > : Now look for core dump, extract password, start your Crack :) > : > > : > Fail to find core dump, become bummed :-( The kernel won't produce a > : > core in these cases. > : > > : > : Not on 2.1 I think. On 2.2 ftpd will not coredump (deliberately) > > I thought the core dump patches had been backported to the 2.1 > branch, post 2.1.7. Am I mistaken? RELENG_2_2_1_RELEASE: 1.26.2.1 RELENG_2_2_0_RELEASE: 1.26.2.1 RELENG_2_1_7_RELEASE: 1.11.4.2 RELENG_2_1_6_1_RELEASE: 1.11.4.2 RELENG_2_1_6_RELEASE: 1.11.4.2 RELENG_2_1_5_RELEASE: 1.11.4.1 revision 1.11.4.2 date: 1996/10/19 01:07:38; author: davidg; state: Exp; lines: +3 -4 Brought in change from revs 1.19/1.26: check for P_SUGID before coredumping. So it's not in 2.1.5, but it is in 2.1.6 and further. -Guido