Date: Fri, 09 Dec 2011 13:24:39 +0100 From: gabor@zahemszky.hu To: <freebsd-security@freebsd.org> Subject: Re: ftpd security issue ? Message-ID: <c01e78480b76e1fc000c282fca4c4269@zahemszky.hu> In-Reply-To: <4EE1C933.4020001@rdtc.ru> References: <4ED68B4D.4020004@sentex.net> "<4ED69B7E.50505@frasunek.com>" <4ED6C3C6.5030402@delphij.net> "<4ED6D1CD.9080700@sentex.net>" <4ED6D577.9010007@delphij.net> "\"<4ED6DA75.30604@sentex.net>" <4EE131B8.7040000@sentex.net>" <c081e4612df771d59c1dc2870d99d7b9@zahemszky.hu> <CAGMYy3vZ9CjuboiQsuGnYLZPpbAMMCQScsu9toXLpOyWAdAA3A@mail.gmail.com> <4EE1C933.4020001@rdtc.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 09 Dec 2011 15:39:15 +0700, Eugene Grosbein wrote: > 09.12.2011 15:25, Xin LI пишет: >> On Fri, Dec 9, 2011 at 12:04 AM, <gabor@zahemszky.hu> wrote: >>> Hi! >>> >>> Are the following steps enough to prevent me? >>> >>> # for user in user1 user2 .... ; do >>> mkdir -p ~$user/lib ~$user/usr/lib ~$user/etc >>> chflags sunlink,schg ~$user/lib ~$user/usr ~$user/usr/lib >>> ~$user/etc >>> done >>> # >> >> Yes that should be sufficient workaround. > > Why /lib and /usr/lib only? ??? /lib, /usr/lib and /etc. Which directory is missing? Gábor < Gabor at Zahemszky dot HU >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c01e78480b76e1fc000c282fca4c4269>