Date: Tue, 19 Dec 2000 12:45:32 -0800 From: Steve Reid <sreid@sea-to-sky.net> To: Mikhail Kruk <meshko@cs.brandeis.edu> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:77.procfs Message-ID: <20001219124531.F46370@grok.bc.hsia.telus.net> In-Reply-To: <Pine.LNX.4.30.0012191343530.19915-100000@daedalus.cs.brandeis.edu>; from Mikhail Kruk on Tue, Dec 19, 2000 at 01:45:01PM -0500 References: <xzplmtcy5vg.fsf@flood.ping.uio.no> <Pine.LNX.4.30.0012191343530.19915-100000@daedalus.cs.brandeis.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Dec 19, 2000 at 01:45:01PM -0500, Mikhail Kruk wrote: > see you previous e-mail :) I was talking about things you loose when you > umount procfs I unmounted /procfs late last night woke up this morning with a mailbox full of error messages from Amavis. McAfee/NAI "uvscan" appears to use "/proc/%d/cmdline" (strings(1) is your friend). My usr/local/bin/uvscan was symlinked to the actual binary installed elsewhere and when I unmounted procfs it could no longer find "./messages.dat". So I replaced the symlink with a shell script that does a cd+exec and all is well. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001219124531.F46370>