From owner-freebsd-security  Wed Jul  3 16:10:39 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id QAA06676
          for security-outgoing; Wed, 3 Jul 1996 16:10:39 -0700 (PDT)
Received: from mail.jrihealth.com (mail.jrihealth.com [204.249.32.3])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id QAA06670
          for <freebsd-security@freebsd.org>; Wed, 3 Jul 1996 16:10:35 -0700 (PDT)
Received: from carebase3.jri.org (danp@carebase3.jri.org [204.249.32.9]) by mail.jrihealth.com (8.3/8.6.6.Beta9) with SMTP id TAA14715; Wed, 3 Jul 1996 19:20:54 -0400
Date: Wed, 3 Jul 1996 19:21:07 -0400 (EDT)
From: Dan Polivy <danp@carebase3.jri.org>
To: freebsd-security@freebsd.org
Subject: is FreeBSD's rdist vulnerable?
Message-ID: <Pine.BSF.3.91.960703191714.1090A-100000@carebase3.jri.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hey,

Has anyone read 8lgm's rdist advisory and attempted to see whether or not 
FreeBSD's rdist is vulnerable?  I use rdist to update various files here, 
and so I suppose getting id of the setuid bit would break it?  Thanks...

Dan

+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
| Dan Polivy      Powered by FreeBSD! | Systems Administrator                |
| Work:             <dpolivy@jri.org> | JRI Health Information Systems       |
| Home:            <danp@busstop.org> | http://www.jri.org/                  |
|-------------------------------------+--------------------------------------|
|  Webmaster, The Lion's Roar Online! | http://www.roar.pride.net/~roar/     |
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+