From owner-freebsd-security  Sun Feb 25 23:28:26 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id XAA00333
          for security-outgoing; Sun, 25 Feb 1996 23:28:26 -0800 (PST)
Received: from nervosa.com (root@nervosa.com [192.187.228.86])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id XAA00327
          for <freebsd-security@freebsd.org>; Sun, 25 Feb 1996 23:28:22 -0800 (PST)
Received: from nervosa.com (coredump@onyx.nervosa.com [10.0.0.1]) by nervosa.com (8.7.4/nervosa.com.2) with SMTP id XAA10188; Sun, 25 Feb 1996 23:28:08 -0800 (PST)
Date: Sun, 25 Feb 1996 23:28:07 -0800 (PST)
From: invalid opcode <coredump@nervosa.com>
To: Mark Smith <msmith@comtch.iea.com>
cc: taob@io.org, freebsd-security@freebsd.org
Subject: Re: Suspicious symlinks in /tmp
In-Reply-To: <199602260456.EAA07774@comtch.iea.com>
Message-ID: <Pine.BSF.3.91.960225232736.9963D-100000@nervosa.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
Precedence: bulk

On Sun, 25 Feb 1996, Mark Smith wrote:

> > Looks like someone is trying to exploit a race condition in order to grab 
> > the password file.
> 
> Will this attack work under FreeBSD 2.1R ?
> Mark

A race condition attack will work under any OS when a race condition is 
possible.

== Chris Layne ==============================================================
== coredump@nervosa.com ================= http://www.nervosa.com/~coredump ==