From owner-freebsd-questions  Tue Jun  3 05:19:03 1997
Return-Path: <owner-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id FAA24914
          for questions-outgoing; Tue, 3 Jun 1997 05:19:03 -0700 (PDT)
Received: from buffnet4.buffnet.net (buffnet4.buffnet.net [205.246.19.13])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA24909
          for <freebsd-questions@FreeBSD.ORG>; Tue, 3 Jun 1997 05:18:55 -0700 (PDT)
Received: from buffnet9.buffnet.net (buffnet9.buffnet.net [205.246.19.19]) by buffnet4.buffnet.net (8.7.5/8.7.3) with SMTP id IAA10834; Tue, 3 Jun 1997 08:19:15 -0400 (EDT)
Received: from buffnet11.buffnet.net(205.246.19.55) by buffnet9.buffnet.net via smap (V2.0)
	id xma001501; Tue, 3 Jun 97 08:17:52 -0400
Date: Tue, 3 Jun 1997 08:18:55 -0400 (EDT)
From: Steve <shovey@buffnet.net>
To: Michael Haro <perl@netmug.org>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Security problem with FreeBSD 2.2.1 default installation
In-Reply-To: <199706030320.UAA14616@netmug.org>
Message-ID: <Pine.BSI.3.95.970603081844.22117K-100000@buffnet11.buffnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


Delete it - you should not have a need for suidperl

On Mon, 2 Jun 1997, Michael Haro wrote:

> Hi, yesterday one of my users gained root access to my system. 
> They did it by exploiting a bug in /usr/bin/sperl4*
> Why does FreeBSD ship with a security hole?  Is this a new one that you didn't
> know about?  How can I remedy the problem?  Right now, I deleted the file from
> the server.  I am new to FreeBSD and would like to know how to fix it.
> 
> Thanks,
> Michael perl@netmug.org
>