Date: Wed, 12 Aug 1998 21:01:15 -0400 (EDT)
From: andrewr
To: ben@efn.org
cc: Garrett Wollman, Marc Slemko, "Mark J. Taylor", freebsd-security@FreeBSD.ORG
Subject: Re: Possible security "risk" in ftp client

On Wed, 12 Aug 1998, Ben wrote:

> For ps I made a patch that allows only root (or wheel, you pick) to use the
> flag '-a', otherwise the user attempting to use '-a' only gets his/her procs.

Did you patch the kernel as well? Cause if you didn't, it's useless.

>
> Available at:
> http://www.efn.org/~ben/ps/diff.txt
>   For the diff between the 2.2.7-RELEASE ps.c and mine.
>   (/usr/src/bin/ps.c)
> http://www.efn.org/~ben/ps/results.txt
>   Demonstration of it in action.
> http://www.efn.org/~ben/ps/ps.c
> http://www.efn.org/~ben/ps/ps.old.c
>   My ps.c and the old ps.c.
> http://www.efn.org/~ben/ps/ps.root.gz
> http://www.efn.org/~ben/ps/ps.wheel.gz
>   Binaries for 2.2.7 that allow only root, or wheel to use the
>   -a flag correctly.
>

Andrew

>
> -ben@efn.org EFN News Administrator.
>