From owner-freebsd-security Sun Aug 29 19:17:52 1999
Delivered-To: freebsd-security@freebsd.org
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.26.10.9]) by hub.freebsd.org (Postfix) with ESMTP id 928571501C for ; Sun, 29 Aug 1999 19:17:45 -0700 (PDT) (envelope-from bde@godzilla.zeta.org.au)
Received: (from bde@localhost) by godzilla.zeta.org.au (8.8.7/8.8.7) id MAA01056; Mon, 30 Aug 1999 12:15:18 +1000
Date: Mon, 30 Aug 1999 12:15:18 +1000
From: Bruce Evans
Message-Id: <199908300215.MAA01056@godzilla.zeta.org.au>
To: dynamo@ime.net, imp@village.org
Subject: Re: Not sure if you got it...
Cc: security@FreeBSD.ORG
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Index: rc >=================================================================== >RCS file: /home/imp/FreeBSD/CVS/src/etc/rc,v >retrieving revision 1.195 >diff -u -r1.195 rc >--- rc 1999/08/27 23:23:43 1.195 >+++ rc 1999/08/30 00:14:44 >@@ -129,8 +129,11 @@ > > clean_var() { > if [ ! -f /var/run/clean_var ]; then >+ chflags -R 0 /var/run/* > /dev/null 2>&1

Clearing superuser flags is wrong. If they were set by root, then root must want them. If they were set by an intruder then they would have been fixed appropriately by the previous security pass :-).

Bruce
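Review bot: the added `chflags -R 0 /var/run/*` line in clean_var() clears every file flag recursively, not just the ones that would block the cleanup, and it sends both stdout and stderr to /dev/null, so a failure to clear a flag leaves no trace at boot. The hunk also adds no comment saying which flags are expected under /var/run or why they need to go, and the `*` glob skips dot-files, so coverage is not complete either. Suggest limiting the change to the specific flag and paths that the cleanup actually trips over, keeping stderr visible (or logging it), and adding a one-line comment with the reason next to the command.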