Date: Fri, 27 Aug 1999 15:52:43 -0600 From: Warner Losh <imp@village.org> To: Ludwig Pummer <ludwigp@bigfoot.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: [secure@FREEBSD.LUBLIN.PL: FreeBSD (and other BSDs?) local root explot] Message-ID: <199908272152.PAA76258@harmony.village.org> In-Reply-To: Your message of "Fri, 27 Aug 1999 10:00:30 PDT." <37C6C42E.78E600F4@bigfoot.com> References: <37C6C42E.78E600F4@bigfoot.com> <199908261758.KAA94925@burka.rdy.com> <199908271214.JAA00774@ns1.sminter.com.ar> <19990827142016.U79110@bitbox.follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <37C6C42E.78E600F4@bigfoot.com> Ludwig Pummer writes: : It was pointed out yesterday that 3 conditions need to be present for : this to be exploitable, and 2.2.8 doesn't have at least one of the : conditions (core dump won't follow symlinks in 2.2.8). Others have pointed out to me that 2.x will, indeed, follow symlinks. I don't have a system handy that I can test on (all my 2.x systems have core dumps turned off completely because they are on ultra-tiny disks). Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908272152.PAA76258>