From owner-freebsd-security  Thu Aug 28 15:42:16 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id PAA25019
          for security-outgoing; Thu, 28 Aug 1997 15:42:16 -0700 (PDT)
Received: from kithrup.com (kithrup.com [205.179.156.40])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id PAA25014
          for <security@freebsd.org>; Thu, 28 Aug 1997 15:42:14 -0700 (PDT)
Received: (from sef@localhost) by kithrup.com (8.8.5/8.6.6) id PAA28726; Thu, 28 Aug 1997 15:42:07 -0700 (PDT)
Date: Thu, 28 Aug 1997 15:42:07 -0700 (PDT)
From: Sean Eric Fagan <sef@Kithrup.COM>
Message-Id: <199708282242.PAA28726@kithrup.com>
To: security@freebsd.org
Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-97:04.procfs
In-Reply-To: <199708282136.XAA06146.kithrup.freebsd.security@bitbox.follo.net>
References: <199708261803.UAA00666@gvr.gvr.org>
	<19970828102957.48802@clifford.inch.com>
Organization: Kithrup Enterprises, Ltd.
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In article <199708282136.XAA06146.kithrup.freebsd.security@bitbox.follo.net> you write:
>The exploit need to be tailored for each branch.  2.1 is vulnerable.

Official statement:  all 4.4Lite derived systems that use procfs are
vulnerable, unless Steps Have been Taken.

The Steps FreeBSD Has Taken are the Steps I envisioned three or four years
ago.  Therefore, they are correct, and any other method is not :).