Date: Sun, 10 Aug 1997 10:28:13 +0000 (GMT) From: "Jonathan A. Zdziarski" <jonz@netrail.net> To: Eivind Eklund <perhaps@yes.no> Cc: Brian Mitchell <brian@firehouse.net>, bugtraq@netspace.org, freebsd-security@FreeBSD.ORG Subject: Re: procfs hole Message-ID: <Pine.BSF.3.95q.970810102802.13775C-100000@netrail.net> In-Reply-To: <199708101351.PAA04930@bitbox.follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
What are the effects of doing this? ------------------------------------------------------------------------- Jonathan A. Zdziarski NetRail Incorporated Server Engineering Manager 230 Peachtree St. Suite 500 jonz@netrail.net Atlanta, GA 30303 http://www.netrail.net (888) - NETRAIL ------------------------------------------------------------------------- On Sun, 10 Aug 1997, Eivind Eklund wrote: :> :> There is a major hole in procfs under FreeBSD 2.2.1 (2.1 is not affected, :> I have not tested 3.x but I believe it to be vulnerable as well) along :> with OpenBSD (not tested by me, but by someone else -- believe it was :> 2.1-RELEASE although obsd doesnt mount procfs by default like freebsd :> does). : :Temporary fix: Disable the /proc filesystem. Setting ro instead of rw in :/etc/fstab or chmod'ing on the mountpoint do _not_ work. : :Eivind, :looking for a proper fix, but not expecting to get there before David. :
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970810102802.13775C-100000>