From owner-freebsd-security Thu Feb 22 19:33:28 2001 Delivered-To: freebsd-security@freebsd.org Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1]) by hub.freebsd.org (Postfix) with ESMTP id 5E25C37B401 for ; Thu, 22 Feb 2001 19:33:24 -0800 (PST) (envelope-from mike@sentex.net) Received: from chimp (fcage [192.168.0.2]) by cage.simianscience.com (8.11.2/8.11.2) with ESMTP id f1N3XAg09018; Thu, 22 Feb 2001 22:33:11 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <4.2.2.20010222223209.03bb2600@marble.sentex.net> X-Sender: mdtancsa@marble.sentex.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Thu, 22 Feb 2001 22:33:09 -0500 To: Kris Kennaway From: Mike Tancsa Subject: Re: Bind problems Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <20010222192805.A12575@mollari.cthul.hu> References: <200102222330.f1MNU7e64567@cwsys.cwsent.com> <20010222134703.A7745@mollari.cthul.hu> <200102222330.f1MNU7e64567@cwsys.cwsent.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 07:28 PM 2/22/2001 -0800, Kris Kennaway wrote: > > > > The worst that could happen is that the intruder could fill your disk. > >No, they still get the ability to run arbitrary code because they >compromise a running process and take over its execution context. The But only as the non root UID though right ? ---Mike -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Network Administration, mike@sentex.net Sentex Communications www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message