From owner-freebsd-security Mon Oct 4 10:15:20 1999 Delivered-To: freebsd-security@freebsd.org Received: from bomber.avantgo.com (ws1.avantgo.com [207.214.200.194]) by hub.freebsd.org (Postfix) with ESMTP id 1BF2814A08 for ; Mon, 4 Oct 1999 10:15:16 -0700 (PDT) (envelope-from scott@avantgo.com) Received: from river ([10.0.128.30]) by bomber.avantgo.com (Netscape Messaging Server 3.5) with SMTP id 262; Mon, 4 Oct 1999 10:10:37 -0700 Message-ID: <05b301bf0e8b$e5ca32e0$1e80000a@avantgo.com> From: "Scott Hess" To: "Michael Bryan" , References: <199909291352.GAA31310@cwsys.cwsent.com><199909300401.WAA08495@harmony.village.org> <199910020846310710.17F35F81@quaggy.ursine.com> Subject: Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Date: Mon, 4 Oct 1999 10:14:20 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Michael Bryan wrote: > On 9/29/99 at 10:01 PM Warner Losh wrote: > >FreeBSD should follow symlinks. In fact in the base system we have > >/dev/log which points to /var/run/log. > > Would it make sense to have the following behaviour when bind() > encounters a symlink? > > 1) If a symlink exists and points to a valid Unix-domain > socket, go ahead and follow the link. Presumably a valid Unix-domain socket owned by the bind()'ing user? > This still allows /dev/log -> /var/run/log to work, but prevents > abuse in cases of poor code like in ssh. Why not just fix the problem? We can add code via the patches in the ssh port, which will later work its way back into ssh. Later, scott To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message