From owner-freebsd-security  Tue Nov  4 14:24:57 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id OAA13184
          for security-outgoing; Tue, 4 Nov 1997 14:24:57 -0800 (PST)
          (envelope-from owner-freebsd-security)
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id OAA13172
          for <security@freebsd.org>; Tue, 4 Nov 1997 14:24:52 -0800 (PST)
          (envelope-from wollman@khavrinen.lcs.mit.edu)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.8.5/8.8.5) id RAA17913;
	Tue, 4 Nov 1997 17:24:51 -0500 (EST)
Date: Tue, 4 Nov 1997 17:24:51 -0500 (EST)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <199711042224.RAA17913@khavrinen.lcs.mit.edu>
To: security@freebsd.org
Subject: FreeBSD Security Advisory: FreeBSD-SA-97:05.open
In-Reply-To: <199711041951.UAA02408@gvr.gvr.org>
References: <199711041951.UAA02408@gvr.gvr.org>
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

<<On Wed, 29 Oct 1997 20:01:00 +0100 (MET), FreeBSD Security Officer <security-officer@FreeBSD.ORG> said:

> III. Impact
     
>      The problem can be used by any user on the system to do unauthorised
>      io instructions.
     
One other impact which I have not seen mentioned yet should be
obvious: there is a potential DoS if an unfriendly user opens and
holds open an exclusive-open device (such as a tape drive) which is
necessary for system operation.

-GAWollman

--
Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu  | O Siem / The fires of freedom 
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick