Date: Tue, 25 Jun 1996 11:38:51 +0200 (MET DST) From: torstenb@solar.tlk.com (Torsten Blum) To: mwhite+@CMU.EDU (Matthew Jason White) Cc: freebsd-security@freebsd.org Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <m0uYUaB-00022NC@solar.tlk.com> In-Reply-To: <0lnmnpy00YUp8Ea2EM@andrew.cmu.edu> from Matthew Jason White at "Jun 24, 96 08:04:05 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Jason White wrote: > You probably want to change the security script so that it points out > ALL suid programs in /usr/home, /tmp, /var/tmp and /usr/tmp, or any > other publicly writeable area. Are you running inn1.4 on this system? > If so, you should probably upgrade to inn-1.4uoff4 (this port should > prolly be upgraded, if someone hasn't already). inn runs as user `news', so you can never create a setuid root shell even if inn has a bug... -tb
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m0uYUaB-00022NC>