From owner-freebsd-security Thu Mar 16 0:21:33 2000 Delivered-To: freebsd-security@freebsd.org Received: from jason.argos.org (a1-3b058.neo.rr.com [24.93.181.58]) by hub.freebsd.org (Postfix) with ESMTP id EBE4437BEE0; Thu, 16 Mar 2000 00:20:44 -0800 (PST) (envelope-from mike@argos.org) Received: from localhost (mike@localhost) by jason.argos.org (8.9.1/8.9.1) with ESMTP id DAA05055; Thu, 16 Mar 2000 03:20:44 -0500 Date: Thu, 16 Mar 2000 03:20:44 -0500 (EST) From: Mike Nowlin To: freebsd-ports@freebsd.org Cc: freebsd-security@freebsd.org Subject: gated 3.5.11 Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Due to ports/net/gated being marked as "forbidden", my requirement for it, and a quick search of the mailing lists, .... hawk:/usr/ports/net/gated# make ===> gated-3.5.11 is forbidden: Security hole (buffer overflow possibly yielding root). hawk:/usr/ports/net/gated# There was a message ~Dec 1 about a wheel-exploitable bug in gdc... Seems to me that the only risk is for people that get wheel group access (or so.... a wee bit too much brain-numbing beverage at this point in time. :) )... If I'm willing to take this risk, is there some other reason why this port is marked as forbidden? Or is there something else I can't find pointing to a "possibly yielding root" bug (my understanding being that "yielding root" means there's a bug in there allowing some inside or outside joker to get root privs...) If you need a valid account to start with, that's not a problem - telnetd & friends probably won't be running on this machine to start with -- just a serial console... thanks - mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message