From owner-cvs-all  Mon Dec 10 18:19:21 2001
Delivered-To: cvs-all@freebsd.org
Received: from elvis.mu.org (elvis.mu.org [216.33.66.196])
	by hub.freebsd.org (Postfix) with ESMTP
	id 78D4E37B417; Mon, 10 Dec 2001 18:19:15 -0800 (PST)
Received: by elvis.mu.org (Postfix, from userid 1192)
	id F20E181D01; Mon, 10 Dec 2001 20:19:09 -0600 (CST)
Date: Mon, 10 Dec 2001 20:19:09 -0600
From: Alfred Perlstein <bright@mu.org>
To: John Baldwin <jhb@FreeBSD.org>
Cc: mini@haikugeek.com, cvs-all@FreeBSD.org,
	cvs-committers@FreeBSD.org
Subject: Re: cvs commit: src/sys/boot/i386/loader version src/share/examp
Message-ID: <20011210201909.O92148@elvis.mu.org>
References: <200112110049.fBB0nYW71109@freefall.freebsd.org> <XFMail.011210165224.jhb@FreeBSD.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <XFMail.011210165224.jhb@FreeBSD.org>; from jhb@FreeBSD.org on Mon, Dec 10, 2001 at 04:52:24PM -0800
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

* John Baldwin <jhb@FreeBSD.org> [011210 18:52] wrote:
> 
> On 11-Dec-01 John Baldwin wrote:
> > jhb         2001/12/10 16:49:34 PST
> > 
> >   Modified files:
> >     sys/boot/i386/loader version 
> >     share/examples/bootforth boot.4th loader.rc 
> >     sys/boot/alpha/cdboot version 
> >     sys/boot/alpha/loader version 
> >     sys/boot/common      loader.8 
> >     sys/boot/ficl        loader.c 
> >     sys/boot/forth       loader.4th pnp.4th support.4th 
> >   Log:
> >   - Add 'fwrite' and 'fseek' words for writing to and seeking on files.
> >   - Change the 'fopen' keyword to accept a mode parameter.  Note that this
> >     will break existing 4th scripts that use fopen.  Thus, the loader
> >     version has been bumped and loader.4th has been changed to check for a
> >     sufficient version on i386 and alpha.  Be sure that you either do a full
> >     world build or install or full build and install of sys/boot after this
> >     since loader.old won't work with the new 4th files and vice versa.
> >   
> >   PR:             kern/32389
> >   Submitted by:   Jonathan Mini <mini@haikugeek.com>
> >   Sponsored by:   ClickArray, Inc.
> 
> All these loader commits make it possible to overwrite the existing contents of
> a file on a UFS filesystem.

Yay!  One "cool" feaure at least from a security standpoint would
be adding a write once variable to turn this off so that one can't
use loader to smash /etc/passwd.

John, or Jonathan... ? any plans on giving this a shot?

-Alfred

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message