From owner-freebsd-security  Fri Jun 15 10:14: 8 2001
Delivered-To: freebsd-security@freebsd.org
Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4])
	by hub.freebsd.org (Postfix) with ESMTP id 37AF837B403
	for <freebsd-security@FreeBSD.ORG>; Fri, 15 Jun 2001 10:13:51 -0700 (PDT)
	(envelope-from mike@sentex.net)
Received: from simoeon.sentex.net (simeon.sentex.ca [209.112.4.47])
	by smtp1.sentex.ca (8.11.2/8.11.1) with ESMTP id f5FHDiv22957;
	Fri, 15 Jun 2001 13:13:44 -0400 (EDT)
	(envelope-from mike@sentex.net)
Message-Id: <5.1.0.14.0.20010615130316.041d7720@marble.sentex.ca>
X-Sender: mdtpop@marble.sentex.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Fri, 15 Jun 2001 13:08:09 -0400
To: rich@rdrose.org, freebsd-security@FreeBSD.ORG
From: Mike Tancsa <mike@sentex.net>
Subject: Re: FW: OpenBSD 2.9,2.8 local root compromise (fwd)
In-Reply-To: <Pine.LNX.4.21.0106151804070.14714-100000@pkl.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 06:04 PM 6/15/01 +0100, rich@rdrose.org wrote:
>Someone asked about 4.3 being susceptible to this attack....


A followup to the message you quote below seems to imply this is not the 
case and FreeBSD might be vulnerable.  Hence the request for 
clarification.  See the message from Jason R Thorpe <thorpej@zembu.com> 
which I posted in my original question to this list.


         ---Mike



>---------- Forwarded message ----------
>Date: Fri, 15 Jun 2001 08:41:13 -0500
>From: Will Senn <wsenn@postfuture.com>
>To: OpenBSDTech <tech@openbsd.org>
>Subject: FW: OpenBSD 2.9,2.8 local root compromise
>
>-----Original Message-----
>From: Przemyslaw Frasunek [mailto:venglin@freebsd.lublin.pl]
>Sent: Thursday, June 14, 2001 12:10 PM
>To: Georgi Guninski
>Cc: Bugtraq
>Subject: Re: OpenBSD 2.9,2.8 local root compromise
>
>
>On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote:
> > OpenBSD 2.9,2.8
> > Have not tested on other OSes but they may be vulnerable
>
>FreeBSD 4.3-STABLE isn't vulnerable. Looks like it's dropping set[ug]id
>privileges before allowing detach.
>
>--
>* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
>* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message