From owner-freebsd-hackers  Thu Aug 26 15:23:11 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP id D1D6E15460
	for <hackers@FreeBSD.ORG>; Thu, 26 Aug 1999 15:23:04 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id QAA86382;
	Thu, 26 Aug 1999 16:22:32 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id QAA68421; Thu, 26 Aug 1999 16:23:50 -0600 (MDT)
Message-Id: <199908262223.QAA68421@harmony.village.org>
To: Julian Elischer <julian@whistle.com>
Subject: Re: (forw) FreeBSD (and other BSDs?) local root explot 
Cc: crypt0genic <crypt0genic@ecad.org>, hackers@FreeBSD.ORG
In-reply-to: Your message of "Thu, 26 Aug 1999 11:40:35 PDT."
		<Pine.BSF.3.95.990826113842.11083E-100000@current1.whistle.com> 
References: <Pine.BSF.3.95.990826113842.11083E-100000@current1.whistle.com>  
Date: Thu, 26 Aug 1999 16:23:49 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <Pine.BSF.3.95.990826113842.11083E-100000@current1.whistle.com> Julian Elischer writes:
: quickest fix would be to make the core-dump routines not follow symlinks.

An even quicker fix would be to disable coredumps in periodic, since
no reboot would be required. :-)

As has been noted in -security, the kernel fix has been committed.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message