Date: Fri, 22 Sep 1995 20:34:33 -0700 (PDT) From: Tom Samplonius <tom@uniserve.com> To: Yen-Wei Liu <mighty.hoffmann@psi.wsl.sinica.edu.tw> Cc: security@freebsd.org Subject: Re: cron 3.0pl1-20: URGENT SECURITY FIX (fwd) from Linux-security Message-ID: <Pine.BSF.3.91.950922203058.28316A-100000@haven.uniserve.com> In-Reply-To: <199509231008.KAA19544@psi.wsl.sinica.edu.tw>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 23 Sep 1995, Yen-Wei Liu wrote: > Hi, > > The following message comes from linux-security mailing list. Actually > this message just reminds me of two issues : > > 1) That mailing list has a fairly high traffic. Compared with it, FreeBSD > security is much more silent. Does this mean FreeBSD is more secure, > or Linux is more vulnerable ? (Didn't mean to offend any OS.) Who's to say? If there are holes, no ones found them, or they aren't there. > 2) Is there anybody subscribing to the mailing list too ? They have > discussed several security issues, such as this cron vulnerability. > Does FreeBSD suffer the same vulnerabilities as Linux does? Often not. FreeBSD comes out of the BSD4.4 lite code release which has been beaten on for years. FreeBSD does not appear to affected by this bug. I just had cron, run "groups" and I received an e-mail message showing my groups, rather than root's groups. Tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.950922203058.28316A-100000>