From owner-freebsd-security  Mon Feb 26 07:37:03 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id HAA25586
          for security-outgoing; Mon, 26 Feb 1996 07:37:03 -0800 (PST)
Received: from comtch.iea.com (comtch.iea.com [198.17.249.2])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id HAA25580
          for <freebsd-security@freebsd.org>; Mon, 26 Feb 1996 07:37:00 -0800 (PST)
Received: by comtch.iea.com (8.6.10/SMI-4.1)
	id PAA11711; Mon, 26 Feb 1996 15:36:50 GMT
Message-Id: <199602261536.PAA11711@comtch.iea.com>
Subject: Re: Suspicious symlinks in /tmp
To: coredump@nervosa.com (invalid opcode)
Date: Mon, 26 Feb 1996 07:36:50 -0800 (PST)
From: "Mark Smith" <msmith@comtch.iea.com>
Cc: taob@io.org, freebsd-security@freebsd.org
In-Reply-To: <Pine.BSF.3.91.960225232736.9963D-100000@nervosa.com> from "invalid opcode" at Feb 25, 96 11:28:07 pm
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
Precedence: bulk

> 
> On Sun, 25 Feb 1996, Mark Smith wrote:
> 
> > > Looks like someone is trying to exploit a race condition in order to grab 
> > > the password file.
> > 
> > Will this attack work under FreeBSD 2.1R ?
> > Mark
> 
> A race condition attack will work under any OS when a race condition is 
> possible.
> 

Possibly, I didn't make my self clear.  Is this race condition possible
under FreeBSD 2.1R ?

Mark