Date: Sat, 18 May 1996 22:24:04 -0500 (CDT)
From: "Brett L. Hawn" <blh@nol.net>
To: Andre Grosse Bley <gandalf@infinity.ping.de>
Cc: Dan Polivy <danp@library.pride.net>, freebsd-hackers@FreeBSD.org
Subject: Re: SECURITY BUG in FreeBSD (fwd)
Message-ID: <Pine.SOL.3.93.960518222323.21514D-100000@dazed.nol.net>
In-Reply-To: <199605181951.VAA00672@infinity.ping.de>
On Sat, 18 May 1996, Andre Grosse Bley wrote:
Just as a thought... wouldn't it be smarter in the long run to rewrite rm to
not check for euid?
Brett
> I think this one is easy to fix:
>
> edit /usr/src/lib/libc/gen/getvfsent.c
>
> In vfsload() you'll see following code:
>
>     status = execlp("modload", "modload", "-e", name_mod, "-o", name_mod,
>                     "-u", "-q", path, (const char *)0);
>
> I replaced it by:
>     status = execlp("/sbin/modload", "/sbin/modload", "-e", name_mod,
>                     "-o", name_mod,
>                     "-u", "-q", path, (const char *)0);
>
> rebuilt libc (and INSTALLED!) after that. And don't forget to rebuild
> /sbin/mount_union (and mount_msdos, both are setuid)
>
> This fixes the bug for me, I hope I didn't make any mistakes. Could
> anyone tell me if that's ok?
>
> BTW: It is easier to remove the setuid bit from mount_union (and msdos,
> both are setuid!)
>
> --
> Regards, Andre
>
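Added example, not part of the original thread or of the FreeBSD source: it shows why the quoted change from "modload" to "/sbin/modload" matters, since execlp() with a bare name resolves it through the caller's PATH while an absolute path does not. Assumptions: /bin/sh stands in for /sbin/modload, run_helper() and the PATH values are constructed for the demo, and the hardened branch goes one step beyond the quoted fix by also handing the child a fixed environment.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumption: /bin/sh stands in for /sbin/modload so the demo runs anywhere. */
#define HELPER_NAME "sh"
#define HELPER_PATH "/bin/sh"

/*
 * Fork and exec the helper, returning its exit status (127 if exec failed).
 * caller_path plays the role of the PATH inherited from whoever started the
 * setuid program. use_path_search=1 mimics the original execlp("modload", ...).
 */
int run_helper(int use_path_search, const char *caller_path)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        setenv("PATH", caller_path, 1);
        if (use_path_search) {
            /* Resolved through PATH: the caller decides which file runs. */
            execlp(HELPER_NAME, HELPER_NAME, "-c", "exit 0", (const char *)0);
        } else {
            /* Fixed binary, and a fixed environment for the child as well. */
            char *const argv[] = { HELPER_NAME, "-c", "exit 0", NULL };
            char *const envp[] = { "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL };
            execve(HELPER_PATH, argv, envp);
        }
        _exit(127); /* only reached when exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed caller-supplied PATH values. */
    printf("execlp, PATH=/bin:/usr/bin -> %d\n", run_helper(1, "/bin:/usr/bin"));
    printf("execlp, PATH=/nonexistent  -> %d\n", run_helper(1, "/nonexistent"));
    printf("execve, PATH=/nonexistent  -> %d\n", run_helper(0, "/nonexistent"));
    return 0;
}
```

The outcome of the execlp() branch changes with the inherited PATH, while the absolute-path branch behaves the same whatever the caller exported.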
