From owner-freebsd-security Thu Mar 28 7:42:53 2002 Delivered-To: freebsd-security@freebsd.org Received: from zeta.qmw.ac.uk (zeta.qmw.ac.uk [138.37.6.6]) by hub.freebsd.org (Postfix) with ESMTP id E3B9137B417 for ; Thu, 28 Mar 2002 07:42:48 -0800 (PST) Received: from xi.css.qmw.ac.uk ([138.37.8.11]) by zeta.qmw.ac.uk with esmtp (Exim 3.32 #1) id 16qc33-0004Jf-00 for security@freebsd.org; Thu, 28 Mar 2002 15:42:45 +0000 Received: from cgaa180 by xi.css.qmw.ac.uk with local (Exim 1.92 #1) for security@FreeBSD.ORG id 16qc35-00050S-00; Thu, 28 Mar 2002 15:42:47 +0000 X-Mailer: exmh version 2.0.2 2/24/98 To: security@FreeBSD.ORG Subject: Re: Is FreeBSD susceptible to this vulnerability? In-reply-to: Your message of "Thu, 28 Mar 2002 06:58:33 PST." <200203281459.g2SEx3p66464@cwsys.cwsent.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 28 Mar 2002 15:42:47 +0000 From: David Pick Message-Id: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > This is not specifically a *BSD problem. Very true. > Looking at the default > Xaccess that is shipped with the XFree86-4 port this is not a problem > for this particular port. The Xaccess file in the port may sell be like that; the one in the XFree86-3 distribution has the problem lines. Certainly on FreeBSD 2.2.8 and FreeBSD 4.5 (RELEASEs). Of course, "xdm" is not run by default... -- David Pick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message