Date: Fri, 27 Aug 1999 10:00:30 -0700 From: Ludwig Pummer <ludwigp@bigfoot.com> To: Eivind Eklund <eivind@FreeBSD.ORG> Cc: Fernando Schapachnik <fpscha@via-net-works.net.ar>, freebsd-security@FreeBSD.ORG Subject: Re: [secure@FREEBSD.LUBLIN.PL: FreeBSD (and other BSDs?) local root explot] Message-ID: <37C6C42E.78E600F4@bigfoot.com> References: <199908261758.KAA94925@burka.rdy.com> <199908271214.JAA00774@ns1.sminter.com.ar> <19990827142016.U79110@bitbox.follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Eivind Eklund wrote: > > On Fri, Aug 27, 1999 at 09:14:22AM -0300, Fernando Schapachnik wrote: > > Patches for 2.2.8 are too much asking? > > Yes - 2.2.8 doesn't have the problem (AFAIK, at least - feel free to > test it if you have easy access and time). It was pointed out yesterday that 3 conditions need to be present for this to be exploitable, and 2.2.8 doesn't have at least one of the conditions (core dump won't follow symlinks in 2.2.8). --Ludwig Pummer <ludwigp@bigfoot.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37C6C42E.78E600F4>