From owner-freebsd-security  Fri May 17 07:04:59 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id HAA18751
          for security-outgoing; Fri, 17 May 1996 07:04:59 -0700 (PDT)
Received: from fslg8.fsl.noaa.gov (fslg8.fsl.noaa.gov [137.75.131.171])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id HAA18746
          for <freebsd-security@freebsd.org>; Fri, 17 May 1996 07:04:54 -0700 (PDT)
Received: by fslg8.fsl.noaa.gov (5.57/Ultrix3.0-C)
	id AA04147; Fri, 17 May 96 14:04:36 GMT
Message-Id: <9605171404.AA04147@fslg8.fsl.noaa.gov>
Received: by emu.fsl.noaa.gov
	(1.40.112.3/16.2) id AA172301877; Fri, 17 May 1996 08:04:37 -0600
Date: Fri, 17 May 1996 08:04:37 -0600
From: Sean Kelly <kelly@fsl.noaa.gov>
To: gfoster@gfoster.com
Cc: jkh@time.cdrom.com, coredump@nervosa.com, freebsd-security@freebsd.org
In-Reply-To: <199605171100.HAA00301@ptavv.nsta.org> (message from Glen Foster
	on Fri, 17 May 1996 07:00:35 -0400 (EDT))
Subject: Re: very bad
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>>>>> "Glen" == Glen Foster <gfoster@gfoster.com> writes:

    Glen> Now the big question, except for the obvious, why was
    Glen> mount_union suid in the first place?

As well as mount_msdos ... it may have a similar vulnerability.

-- 
Sean Kelly                          
NOAA Forecast Systems Laboratory    kelly@fsl.noaa.gov
Boulder Colorado USA                http://www-sdd.fsl.noaa.gov/~kelly/