From owner-freebsd-security Fri May 29 13:34:08 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA03731 for freebsd-security-outgoing; Fri, 29 May 1998 13:34:08 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA03490; Fri, 29 May 1998 13:33:06 -0700 (PDT) (envelope-from cschuber@passer.osg.gov.bc.ca) Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.9.0/8.6.10) id NAA18667; Fri, 29 May 1998 13:31:53 -0700 (PDT) Message-Id: <199805292031.NAA18667@passer.osg.gov.bc.ca> Received: from localhost(127.0.0.1), claiming to be "passer.osg.gov.bc.ca" via SMTP by localhost, id smtpdaasgEa; Fri May 29 13:31:50 1998 Reply-to: Cy Schubert - ITSD Open Systems Group X-Mailer: MH To: freebsd-security@FreeBSD.ORG, security-officer@FreeBSD.ORG Subject: Kill(2) Vulnerability Date: Fri, 29 May 1998 13:30:58 -0700 From: Cy Schubert - ITSD Open Systems Group Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org One of my co-workers brought this to my attention from http://www.openbsd.org/errata.html#kill. SECURITY FIX The kill(2) system call previously would permit a large set of signals to be delivered to setuid or setgid processes. If such processes were using those signals in dubious ways, this could have resulted in security problems of various kinds. The second revision of a source code patch which solves the problem is available. I haven't seen this discussed on FreeBSD-Security yet. I've looked at the CVS log for kern_sig.c, however I cannot see any fix in there for it. Has this been fixed somewhere else? Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Open Systems Group Internet: cschuber@uumail.gov.bc.ca ITSD Cy.Schubert@gems8.gov.bc.ca Government of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message