From owner-freebsd-security  Wed Oct  4  0:13: 4 2000
Delivered-To: freebsd-security@freebsd.org
Received: from static.unixfreak.org (static.unixfreak.org [63.198.170.139])
	by hub.freebsd.org (Postfix) with ESMTP id 9048A37B503
	for <security@freebsd.org>; Wed,  4 Oct 2000 00:13:00 -0700 (PDT)
Received: by static.unixfreak.org (Postfix, from userid 1000)
	id 8A3901F19; Tue,  3 Oct 2000 22:34:22 -0700 (PDT)
Subject: Re: BSD chpass (fwd)
In-Reply-To: <Pine.BSF.4.21.0010040014430.35500-100000@achilles.silby.com> from
 Mike Silbersack at "Oct 4, 2000 00:16:45 am"
To: Mike Silbersack <silby@silby.com>
Date: Tue, 3 Oct 2000 22:34:22 -0700 (PDT)
Cc: security@freebsd.org
From: Dima Dorfman <dima@unixfreak.org>
Reply-To: dima@unixfreak.org
X-Mailer: ELM [version 2.4ME+ PL61 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id: <20001004053422.8A3901F19@static.unixfreak.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> For those not subscribed to bugtraq, it's time to remove the suid bit on
> chpass.

Unfortunatly it isn't that easy if you're running with securelevel > 0
since chpass is installed with the schg (system immutable) flag on by
default.  Oh well, guess it's time to reboot some hosts.  :-/

-- 
Dima Dorfman <dima@unixfreak.org>
Finger dima@unixfreak.org for my public PGP key.

If only God would give me some clear sign!  Like making a large deposit
in my name at a Swiss bank.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message