From owner-freebsd-security  Fri Apr 26 10:16:58 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id KAA19743
          for security-outgoing; Fri, 26 Apr 1996 10:16:58 -0700 (PDT)
Received: from marble.eps.nagoya-u.ac.jp (marble.eps.nagoya-u.ac.jp [133.6.57.68])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id KAA19738
          for <security@freebsd.org>; Fri, 26 Apr 1996 10:16:55 -0700 (PDT)
Received: from marble.eps.nagoya-u.ac.jp (localhost [127.0.0.1]) by marble.eps.nagoya-u.ac.jp (8.7.4+2.6Wbeta6/3.3W9) with ESMTP id CAA00383; Sat, 27 Apr 1996 02:16:45 +0900 (JST)
Message-Id: <199604261716.CAA00383@marble.eps.nagoya-u.ac.jp>
To: ghelmer@alpha.dsu.edu
Cc: security@freebsd.org
Subject: Re: ptrace vulnerability, was: Something fishy with our PT_ATTACH code!
In-Reply-To: Your message of "Fri, 26 Apr 1996 08:44:53 -0500 (CDT)"
References: <Pine.OSF.3.93.960426083930.839B-100000@alpha.dsu.edu>
X-Mailer: Mew beta version 0.96 on Emacs 19.28.1, Mule 2.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Date: Sat, 27 Apr 1996 02:16:43 +0900
From: KATO Takenori <kato@eclogite.eps.nagoya-u.ac.jp>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> That reminds me, did BSDI release any information/patches regarding the
> ptrace vulnerabilitiy (CERT VB-96.04.bsdi)? 

BSDI has released a patch 'K201-008' to fix ptrace security problem.


>                                              I assume the 4.4BSD-derived
> systems had the same ptrace code...

The body of ptrace code was deleted in 4.4BSD-Lite destribution.


----
KATO Takenori <kato@eclogite.eps.nagoya-u.ac.jp>
Dept. Earth Planet. Sci., Nagoya Univ.,  Nagoya, 464-01, Japan
Voice: +81-52-789-2529   Fax: +81-52-789-3033