From owner-freebsd-security Sun Aug 29 6: 9:15 1999 Delivered-To: freebsd-security@freebsd.org Received: from furbie.euronet.nl (furbie.euronet.nl [194.134.32.150]) by hub.freebsd.org (Postfix) with ESMTP id C166715096 for ; Sun, 29 Aug 1999 06:09:07 -0700 (PDT) (envelope-from beng@furbie.euronet.nl) Received: (from beng@localhost) by furbie.euronet.nl (8.9.3/8.9.3) id NAA53783; Sun, 29 Aug 1999 13:09:59 GMT (envelope-from beng) Date: Sun, 29 Aug 1999 15:09:59 +0200 From: Ben Gras To: dynamo@ime.net Cc: security@FreeBSD.ORG Subject: Re: Not sure if you got it... Message-ID: <19990829150958.A53712@euronet.nl> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.5i In-Reply-To: ; from dynamo@ime.net on Sat, Aug 28, 1999 at 10:22:12PM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org All, On Sat, Aug 28, 1999 at 10:22:12PM -0400, dynamo@ime.net wrote: > to stop rebooting from working right any user can just do this... > ln -s /file/with/blocked/io/such/as/a/tty /var/tmp/vi.recover/recover.file > this is my second try -- if you can gimmie an "ok" so i know you got this > i would appreciate it. On a related note.. is there any good reason to take the vi.recover business out of the boot process? It seems like a strangely vulnerable place to be processing user-controlled files, using shellscript under root even. And why during the boot? That only happens once every few years anyway (touch wood) ;-). Sounds like a crontab job to me. =Ben To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message