From owner-freebsd-security  Wed Aug 12 19:59:13 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id TAA26702
          for freebsd-security-outgoing; Wed, 12 Aug 1998 19:59:13 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA26689
          for <freebsd-security@FreeBSD.ORG>; Wed, 12 Aug 1998 19:59:10 -0700 (PDT)
          (envelope-from brett@lariat.org)
Received: (from brett@localhost)
	by lariat.lariat.org (8.8.8/8.8.6) id UAA06194;
	Wed, 12 Aug 1998 20:58:35 -0600 (MDT)
Message-Id: <199808130258.UAA06194@lariat.lariat.org>
X-Sender: brett@127.0.0.1
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1.0.44 (Beta)
Date: Wed, 12 Aug 1998 20:52:27 -0600
To: ben@efn.org, andrewr <andrewr@slack.net>
From: Brett Glass <brett@lariat.org>
Subject: Re: Possible security "risk" in ftp client
Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>,
        Marc Slemko <marcs@znep.com>, "Mark J. Taylor" <mtaylor@cybernet.com>,
        freebsd-security@FreeBSD.ORG
In-Reply-To: <Pine.BSF.3.96.980812134552.20149A-100000@Tyr.office.EFN.or
 g>
References: <Pine.NEB.3.96.980811213226.17677B-100000@brooklyn.slack.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Commit this, sez I. It looks good.

--Brett

At 02:42 PM 8/12/98 -0700, Ben wrote:
 
>For ps I made a patch that allows only root(or wheel, you pick) to use the
>flag '-a', otherwise the user attempting to use '-a' only gets his/her
proc's.
>
>Available at:
>http://www.efn.org/~ben/ps/diff.txt 
>	For the diff between the 2.2.7-RELEASE ps.c and mine.
>		(/usr/src/bin/ps.c)
>http://www.efn.org/~ben/ps/results.txt
>	Demonstration of it in action.
>http://www.efn.org/~ben/ps/ps.c
>http://www.efn.org/~ben/ps/ps.old.c
>	My ps.c and the old ps.c.
>http://www.efn.org/~ben/ps/ps.root.gz
>http://www.efn.org/~ben/ps/ps.wheel.gz
>	Binaries for 2.2.7 that allow only root, or wheel to use the 
>	-a flag correctly.
>
>> 
>> Andrew
>
>	-ben@efn.org EFN News Administrator.
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe security" in the body of the message
> 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message