From owner-freebsd-questions  Mon Sep  6 10:50:32 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4280B157CD; Mon,  6 Sep 1999 10:50:13 -0700 (PDT)
	(envelope-from des@flood.ping.uio.no)
Received: (from des@localhost)
	by flood.ping.uio.no (8.9.3/8.9.3) id TAA24770;
	Mon, 6 Sep 1999 19:48:38 +0200 (CEST)
	(envelope-from des)
To: Brad Knowles <blk@skynet.be>
Cc: Dag-Erling Smorgrav <des@flood.ping.uio.no>,
	Pascal Hofstee <daeron@Wit401305.student.utwente.nl>,
	freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject: Re: softupdates in latest build?
References:   <Pine.BSF.4.10.9909061421050.6342-100000@shadowmere.student.utwente.nl>  <v04205526b3f9964ac159@[195.238.1.121]>  <xzp7lm4m0ll.fsf@flood.ping.uio.no> <v0420552cb3f9a8f52804@[195.238.1.121]>
From: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Date: 06 Sep 1999 19:48:37 +0200
In-Reply-To: Brad Knowles's message of "Mon, 6 Sep 1999 19:30:56 +0200"
Message-ID: <xzp671olymi.fsf@flood.ping.uio.no>
Lines: 16
X-Mailer: Gnus v5.5/Emacs 19.34
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Brad Knowles <blk@skynet.be> writes:
> 	Once on a box, it's trivially easy to get root.  In fact, with 
> various rootkits lying around, it's easy to do this programmatically 
> and gain root access to hundreds, thousands, tens of thousands of 
> machines in just a few minutes.

FUD. If it really is so trivial, you are welcome to post example
exploit code *which you have verified to be effective on a reasonably
configured FreeBSD box* to freebsd-security@freebsd.org, or submit it
in a PR. If you need the information to be treated confidentially, you
can contact security-officer@freebsd.org instead of posting to the
list.

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message