From owner-freebsd-security  Fri Apr 12 23:32:42 2002
Delivered-To: freebsd-security@freebsd.org
Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38])
	by hub.freebsd.org (Postfix) with ESMTP id 7EDE937B404
	for <security@FreeBSD.org>; Fri, 12 Apr 2002 23:32:38 -0700 (PDT)
Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc51.attbi.com
          (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP
          id <20020413063238.GUKH1143.rwcrmhc51.attbi.com@blossom.cjclark.org>;
          Sat, 13 Apr 2002 06:32:38 +0000
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.6) id g3D6WaW44209;
	Fri, 12 Apr 2002 23:32:36 -0700 (PDT)
	(envelope-from cjc)
Date: Fri, 12 Apr 2002 23:32:36 -0700
From: "Crist J. Clark" <cjc@FreeBSD.org>
To: Nicolas Rachinsky <list@rachinsky.de>
Cc: security@FreeBSD.org, brett@lariat.org
Subject: Re: [Corrected message] This OpenBSD local root hole may affect some FreeBSD systems
Message-ID: <20020412233236.A43915@blossom.cjclark.org>
References: <4.3.2.7.2.20020411141011.030a0b80@nospam.lariat.org> <20020411204516.GA51239@pc5.abc>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20020411204516.GA51239@pc5.abc>; from list@rachinsky.de on Thu, Apr 11, 2002 at 10:45:17PM +0200
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Thu, Apr 11, 2002 at 10:45:17PM +0200, Nicolas Rachinsky wrote:
> * Brett Glass <brett@lariat.org> [2002-04-11 14:12:01 -0600]:
> > [This is a corrected version of the previous message, which omitted
> > the word "isn't" near the beginning of the second paragraph.]
> > 
> > The vulnerability described in the message below is a classic
> > "in-band signalling" problem that may give an unauthorized user
> > the ability to run an arbitrary command as root. 
> > 
> > Fortunately, the vulnerability isn't present in FreeBSD's daily, weekly,
> > and monthly maintenance scripts, because they use sendmail rather 
> > than /bin/mail.

No, they use mail(1),

  $ more /usr/bin/periodic
  .
  .
  .
      *)  pipe="mail -s '$host ${arg##*/} run output' $output";;

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message