From owner-freebsd-security Fri Sep 22 18:54:03 1995
From: Yen-Wei Liu
Subject: cron 3.0pl1-20: URGENT SECURITY FIX (fwd) from Linux-security
To: security@freebsd.org
Date: Sat, 23 Sep 1995 10:08:04 +0000

Hi,

The following message comes from the linux-security mailing list. Actually this message just reminds me of two issues:

1) That mailing list has fairly high traffic. Compared with it, FreeBSD security is much more silent. Does this mean FreeBSD is more secure, or Linux is more vulnerable? (Didn't mean to offend any OS.)

2) Is there anybody subscribing to the mailing list too? They have discussed several security issues, such as this cron vulnerability. Does FreeBSD suffer the same vulnerabilities as Linux does?

Yen-Wei Liu

Forwarded message:
> From owner-linux-security@tarsier.cv.nrao.edu Fri Sep 22 07:49:39 1995
> Date: Wed, 20 Sep 1995 20:43:25 -0500 (CDT)
> From: Aleph One
> To: linux-security@tarsier.cv.nrao.edu
> Subject: cron 3.0pl1-20: URGENT SECURITY FIX (fwd)
>
> Anyone know anything more?
>
> Aleph One / aleph1@dfw.net
> http://underground.org/
> KeyID 1024/948FD6B5
> Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
>
> ---------- Forwarded message ----------
> Date: Thu, 21 Sep 95 01:58 BST
> From: Ian Jackson
> To: Debian package announcements
> Subject: cron 3.0pl1-20: URGENT SECURITY FIX
>
> There is a major security hole in cron 3.0pl1-19 and earlier, allowing
> any user to gain access to the `root' group. On many (most?) systems
> this will quickly allow them to gain superuser access.
>
> I am currently uploading cron-3.0pl1-20.deb using my 2400-baud modem.
> In the meantime, please disable your cron daemon:
>
> # killall cron
> # chmod 400 /usr/sbin/cron
>
> Ian M.: please replace the cron in the binary directory with this one
> immediately. The source will arrive tomorrow - my modem is too slow
> to get it uploaded today.
>
> If you download from Incoming, please check the file size - the binary
> package file is 27737 bytes.
>
> cron (3.0pl1-20); priority=URGENT
>
> * cron now uses initgroups when running jobs. Bug#1400. AARGH!
>
> -- Ian Jackson Thu, 21 Sep 1995 01:44:11 +0100
>
> 169cec1ee4387c994798608385826363 cron-3.0pl1-20.deb
> e9b26cb21aac62dcee5d443ce6dd7ab4 cron-3.0pl1-20.diff.gz
> 29655e14fff95cd477f1b3775d85d8d2 cron-3.0pl1-20.tar.gz
> -rw-r--r-- 1 root root 27737 Sep 21 01:52 cron-3.0pl1-20.deb
> -rw-rw-r-- 1 ian ian 10093 Sep 21 01:50 cron-3.0pl1-20.diff.gz
> -rw-rw-r-- 1 ian ian 66738 Sep 21 01:50 cron-3.0pl1-20.tar.gz
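The fix the announcement names (cron calling initgroups when running jobs), shown as an added example that is not cron's or Debian's code: the credential-drop order a daemon should follow before running a job as a user, plus a check that the daemon's `root' group is really gone. The function names and the leak check are this example's own, not anything from the cron source.

```c
/* Added example, not cron's own code: the credential drop a daemon should do
 * before running a job as a user.  The announcement above says 3.0pl1-19
 * skipped initgroups(), so every job kept the daemon's `root' group. */
#define _DEFAULT_SOURCE 1
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>

/* 1 if gid appears in groups[0..n-1], else 0. */
int gid_in_list(const gid_t *groups, int n, gid_t gid)
{
    for (int i = 0; i < n; i++)
        if (groups[i] == gid)
            return 1;
    return 0;
}

/* Order matters: initgroups() replaces the daemon's supplementary groups
 * with the user's, setgid() sets the primary group, and setuid() goes last
 * because an unprivileged uid can no longer change groups.  Returns 0 on
 * success, -1 on failure (the job must not be run after -1). */
int drop_to_user(const char *user)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return -1;
    if (initgroups(pw->pw_name, pw->pw_gid) != 0 || setgid(pw->pw_gid) != 0
        || setuid(pw->pw_uid) != 0)
        return -1;
    return 0;
}

/* Post-drop check: 1 if gid 0 (group root) is still held anywhere in the
 * process credentials, 0 if clean, -1 on error. */
int holds_root_group(void)
{
    int n = getgroups(0, NULL);
    gid_t *groups = n < 0 ? NULL : malloc((n > 0 ? n : 1) * sizeof *groups);
    if (groups == NULL)
        return -1;
    n = getgroups(n, groups);
    int leak = n < 0 ? -1
             : (getgid() == 0 || getegid() == 0 || gid_in_list(groups, n, 0));
    free(groups);
    return leak;
}
```

A daemon running as root would call drop_to_user() with the crontab owner's name in the forked child before exec'ing the job, and treat a non-zero return or holds_root_group() == 1 as fatal rather than running the job.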