From owner-freebsd-questions Mon May 27 18:34:41 2002 Delivered-To: freebsd-questions@freebsd.org Received: from marbles.lost.net.au (marbles.lost.net.au [203.87.95.130]) by hub.freebsd.org (Postfix) with ESMTP id 9636237B400 for ; Mon, 27 May 2002 18:34:37 -0700 (PDT) Received: from localhost (tim@localhost) by marbles.lost.net.au (8.11.6/8.11.3) with ESMTP id g4S1YTv42439; Tue, 28 May 2002 11:04:31 +0930 (CST) (envelope-from tim@lost.net.au) Date: Tue, 28 May 2002 11:04:29 +0930 (CST) From: tim peters To: Jean-Yves Lefort Cc: Questions Subject: Re: Building ports as a non priviledged user In-Reply-To: <20020525225808.08ac014c.jylefort@brutele.be> Message-ID: <20020528110119.V42077-100000@marbles.lost.net.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, 25 May 2002, Jean-Yves Lefort wrote: JL> Hi, JL> JL> A backdoor has been found in Irssi's configure script. It compiled a JL> little C program which connected to some host and spawned a shell. JL> JL> Since FreeBSD ports are built as root by default, the attacker would JL> have gained a rootshell, instead of a non-priviledged shell. Someone else answered your question about building as non-root, so I'll just add this quote from http://www.irssi.org/?page=backdoor How do I know if I'm affected? [snip] FreeBSD port isn't backdoored, as it used the .bz2 file [snip So if you built from ports, this doesn't affect you. Makes you wonder about other ports though, doesn't it? -- tim@lost.net.au To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message