From owner-freebsd-security Mon Feb 3 05:17:06 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id FAA27868 for security-outgoing; Mon, 3 Feb 1997 05:17:06 -0800 (PST) Received: from pdx1.world.net (pdx1.world.net [192.243.32.18]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA27863 for ; Mon, 3 Feb 1997 05:17:03 -0800 (PST) From: proff@suburbia.net Received: from suburbia.net (suburbia.net [203.4.184.1]) by pdx1.world.net (8.7.5/8.7.3) with SMTP id FAA05409 for ; Mon, 3 Feb 1997 05:18:13 -0800 (PST) Received: (qmail 10619 invoked by uid 110); 3 Feb 1997 13:16:10 -0000 Message-ID: <19970203131610.10618.qmail@suburbia.net> Subject: Re: Critical Security Problem in 4.4BSD crt0 In-Reply-To: <199702031310.HAA26121@enteract.com> from "Thomas H. Ptacek" at "Feb 3, 97 07:09:35 am" To: tqbf@enteract.com Date: Tue, 4 Feb 1997 00:16:10 +1100 (EST) Cc: tqbf@enteract.com, security@freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > The problem's not gone. The problem's nowhere near gone. There are tons of > 2.1.5 and 2.1.6 systems on the net. As long as the distributions remain on > the FreeBSD FTP servers, they should be kept secure. A problem that > renders every single program on the system vulnerable is serious > regardless of which revision it affects. > > Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com] You are right of course, I guess I'm suffering from -current or death mentality. Cheers, -- Prof. Julian Assange |If you want to build a ship, don't drum up people |together to collect wood and don't assign them tasks proff@iq.org |and work, but rather teach them to long for the endless proff@gnu.ai.mit.edu |immensity of the sea. -- Antoine de Saint Exupery