From owner-freebsd-security@FreeBSD.ORG  Thu Nov  6 10:44:22 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B0EE816A4CE
	for <freebsd-security@freebsd.org>;
	Thu,  6 Nov 2003 10:44:22 -0800 (PST)
Received: from mail.broadpark.no (mail.broadpark.no [217.13.4.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D6EEC43FB1
	for <freebsd-security@freebsd.org>;
	Thu,  6 Nov 2003 10:44:16 -0800 (PST)	(envelope-from des@des.no)
Received: from smtp.des.no (37.80-203-228.nextgentel.com [80.203.228.37])
	by mail.broadpark.no (Postfix) with ESMTP
	id 761BA78CFF; Thu,  6 Nov 2003 19:44:15 +0100 (MET)
Received: by smtp.des.no (Pony Express, from userid 666)
	id 269A49B588; Thu,  6 Nov 2003 19:44:15 +0100 (CET)
Received: from dwp.des.no (dwp.des.no [10.0.0.4])
	by smtp.des.no (Pony Express) with ESMTP
	id 3016795982; Thu,  6 Nov 2003 19:44:11 +0100 (CET)
Received: by dwp.des.no (Postfix, from userid 2602)
	id 61377B828; Thu,  6 Nov 2003 19:44:11 +0100 (CET)
To: Kim Needham <kim.needham@rocksoft.com>
References: <20031104180932.GA70958@rot13.obsecurity.org>
	<001901c3a2de$7ab72c10$6855cd80@dhcp.hwi.buffalo.edu>
	<20031104180932.GA70958@rot13.obsecurity.org>
	<5.2.0.9.0.20031105114806.00b34b98@mail.chariot.net.au>
From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=)
Date: Thu, 06 Nov 2003 19:44:11 +0100
In-Reply-To: <5.2.0.9.0.20031105114806.00b34b98@mail.chariot.net.au> (Kim
 Needham's message of "Wed, 05 Nov 2003 11:58:21 +1030")
Message-ID: <xzpbrrptk04.fsf@dwp.des.no>
User-Agent: Gnus/5.090024 (Oort Gnus v0.24) Emacs/21.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on dsa.des.no
X-Spam-Level: 
X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.60
cc: freebsd-security@freebsd.org
cc: Robert Collins <rcollins@hwi.buffalo.edu>
Subject: Re: Veractiy and FreeBSD
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Nov 2003 18:44:22 -0000

Kim Needham <kim.needham@rocksoft.com> writes:
> Since FreeBSD 5.x seems to no longer use a mounted proc filesystem but pr=
oc
> is mounted on the root device, this check will need to be removed for
> FreeBSD 5.x.

Bollocks.  The only practical difference between procfs in 4.x and 5.x
is that it is not mounted by default in 5.x.

To the original poster, removing PSEUDOFS and PROCFS from the kernel
achieves absolutely nothing, as mount_procfs will simply load the
module.  You need to unmount /proc, remove the corresponding line from
/etc/fstab, and read a book or two about Unix system administration
(Nemeth, Snyder, Seebass, Hein is a good start)

DES
--=20
Dag-Erling Sm=F8rgrav - des@des.no