Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 28 Jul 1997 22:01:00 -0400 (EDT)
From:      Robert Watson <robert@cyrus.watson.org>
To:        Vincent Poy <vince@mail.MCESTATE.COM>
Cc:        "Matthew N. Dodd" <winter@jurai.net>, security@FreeBSD.ORG, JbHunt <johnnyu@accessus.net>, "[Mario1-]" <mario1@primenet.com>
Subject:   Re: security hole in FreeBSD
Message-ID:  <Pine.BSF.3.95q.970728220005.4839B-100000@cyrus.watson.org>
In-Reply-To: <Pine.BSF.3.95.970728161605.3844u-100000@mail.MCESTATE.COM>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Jul 1997, Vincent Poy wrote:

> On Mon, 28 Jul 1997, Matthew N. Dodd wrote:
> 
> =)On Mon, 28 Jul 1997, Vincent Poy wrote:
> =)> 	That wouldn't do any good if the user can chflags noschg on the
> =)> binaries you have schg on.
> =)
> =)'man init'
> 
> 	True but if you needed to compile -current, you would need to
> remove the schg flags on some binaries before the make world.

Hence my suggestion that you boot from floppy.  You now know you are
running the correct kernel, and have the required set of utilities to get
things going.  To be entirely honest, if you system is that hacked to
pieces, you really need to reinstall.  The chances of missing something at
this point are just to great.

  Robert N Watson 

Junior, Logic+Computation, Carnegie Mellon University  http://www.cmu.edu/
Network Security Research, Trusted Information Systems http://www.tis.com/
Network Administrator, SafePort Network Services  http://www.safeport.com/
robert@fledge.watson.org   rwatson@tis.com  http://www.watson.org/~robert/




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970728220005.4839B-100000>