From owner-freebsd-security Thu Aug 26 16:47:52 1999 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 910AA15DB5; Thu, 26 Aug 1999 16:47:30 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id RAA86777; Thu, 26 Aug 1999 17:47:10 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id RAA69353; Thu, 26 Aug 1999 17:48:29 -0600 (MDT) Message-Id: <199908262348.RAA69353@harmony.village.org> To: Barrett Richardson Subject: Re: [secure@FREEBSD.LUBLIN.PL: FreeBSD (and other BSDs?) local root explot] Cc: dg@root.com, dima@best.net, Gregory Sutter , security-officer@FreeBSD.ORG, freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Thu, 26 Aug 1999 19:25:33 EDT." References: Date: Thu, 26 Aug 1999 17:48:28 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message Barrett Richardson writes: : On Digital Unix where core dumps are a big problem with setuid : binaries and the symlink issue, core dumps are disabled on : binaries that do not have a read bit set. This offers an "on : the fly" workaround. Setuid binaries already don't dump core. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message