From owner-freebsd-security Fri Dec 1 7:54:54 2000 Delivered-To: freebsd-security@freebsd.org Received: from elvis.mu.org (elvis.mu.org [207.154.226.10]) by hub.freebsd.org (Postfix) with ESMTP id 6502037B401 for ; Fri, 1 Dec 2000 07:54:52 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1098) id E586C2B28C; Fri, 1 Dec 2000 09:54:46 -0600 (CST) Date: Fri, 1 Dec 2000 09:54:46 -0600 From: Bill Fumerola To: Nevermind Cc: Matjaz Martincic , freebsd-security@FreeBSD.ORG Subject: Re: Important!! Vulnerability in standard ftpd Message-ID: <20001201095446.K83422@elvis.mu.org> References: <20001201124713.K2185@nevermind.kiev.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001201124713.K2185@nevermind.kiev.ua>; from never@nevermind.kiev.ua on Fri, Dec 01, 2000 at 12:47:13PM +0200 X-Operating-System: FreeBSD 4.2-FEARSOME-20001103 i386 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Dec 01, 2000 at 12:47:13PM +0200, Nevermind wrote: > No, I had only trusted non-anonymous ftp accounts. And sure, very-trusted shell > accounts. All of them have full sudo, but all of us were using only ssh, > telnetd was closed, noone accessed to non-anonymous ftp from outside network. From the posts I've seen I trust FreeBSD more then your ability to sysadmin. Please don't cry wolf and stir up stupid threads without concrete proof of problems with FreeBSD. (ie, I do X and it gives me privledge Z). -- Bill Fumerola - security yahoo / Yahoo! inc. - fumerola@yahoo-inc.com / billf@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message