From owner-freebsd-security  Thu Jun 27 16:43:03 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id QAA07540
          for security-outgoing; Thu, 27 Jun 1996 16:43:03 -0700 (PDT)
Received: from haven.uniserve.com (haven.uniserve.com [198.53.215.121])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA07533
          for <freebsd-security@freebsd.org>; Thu, 27 Jun 1996 16:42:58 -0700 (PDT)
Received: by haven.uniserve.com id <31879-4095>; Thu, 27 Jun 1996 16:46:19 -0800
Date: 	Thu, 27 Jun 1996 16:46:11 -0700 (PDT)
From: Tom Samplonius <tom@uniserve.com>
To: cschuber@orca.gov.bc.ca
cc: freebsd-security@freebsd.org
Subject: Re: Ypwhich Hole 
In-Reply-To: <199606272100.OAA14831@passer.osg.gov.bc.ca>
Message-ID: <Pine.BSF.3.91.960627152738.27984B-100000@haven.uniserve.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


On Thu, 27 Jun 1996, Cy Schubert - ITSD Open Systems Group wrote:

> There's been a little discussion about a ypwhich hole under FreeBSD  2.1.0R.  In 
> order to plug the hole as quickly and as easily as possible, for the moment, 
> would replacing the 2.1.0 version of ypwhich with the one in current fix the 
> problem or does the problem exist in a library or in the kernel?
> 
> 
> Regards,                       Phone:  (604)389-3827
> Cy Schubert                    OV/VM:  BCSC02(CSCHUBER)
> Open Systems Support          BITNET:  CSCHUBER@BCSC02.BITNET
> ITSD                        Internet:  cschuber@uumail.gov.bc.ca
>                                        cschuber@bcsc02.gov.bc.ca
> 
> 		"Quit spooling around, JES do it."
> 
> 

  As far as I know, this problem has never been announced on this list, 
nor has a security advisory been issued.

  current's yp code has extensive changes.  ypwhich may not compile.

Tom