From owner-freebsd-security@FreeBSD.ORG Tue Dec 1 21:37:40 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BD77C1065679 for ; Tue, 1 Dec 2009 21:37:40 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mail-bw0-f213.google.com (mail-bw0-f213.google.com [209.85.218.213]) by mx1.freebsd.org (Postfix) with ESMTP id 4D8CD8FC0C for ; Tue, 1 Dec 2009 21:37:39 +0000 (UTC) Received: by bwz5 with SMTP id 5so3903391bwz.3 for ; Tue, 01 Dec 2009 13:37:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=k4+VH2FtZNbXXFW0iEliH9nFg4/SkX+mwVEk5/5YB9o=; b=YJlf2o0p+G7ipASt2gCnO76GHThz/P/eyTl4ZZ5QBQB/c0eTdHco/4MyCzqz3wSQVF WdFWB2U5bwuYsYs7KgaNSUj/7hRXkWAjKv6YM5g7d/V1bMH/7Hy0G/6l03oe7NRKUTbI F1h9q0zjaEh9+V6mQVnDYMzOoAZki3/+FrYU8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=JbktmsZx4FDmeeL/i3ddOMppIKRnB5tpysp2xwOnCYQWVyufNP5NzFSQuEpcwKAbjh XMvRyeInIlf9c8C5WVFqkC26vAWv6FUQtg+TfENmeKOMCJeD9WOMPHo3dQ/fnOQ3sjEg MNMWgq2cX5Wms3KgpBS8E/IzjddGzkTENnxHc= MIME-Version: 1.0 Received: by 10.204.34.70 with SMTP id k6mr6519083bkd.178.1259701825425; Tue, 01 Dec 2009 13:10:25 -0800 (PST) In-Reply-To: <4B155FFA.9040500@supsi.ch> References: <200912111749.nBBHnK95069152@fire.js.berklix.net> <4B155FFA.9040500@supsi.ch> Date: Wed, 2 Dec 2009 00:10:25 +0300 Message-ID: From: pluknet To: Roberto Nunnari Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org, "Julian H. Stacey" , Alex Huth , Jan Muenther Subject: Re: Upcoming FreeBSD Security Advisory X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Dec 2009 21:37:40 -0000 2009/12/1 Roberto Nunnari : > Julian H. Stacey ha scritto: >> >> Reference: >>> >>> From: =A0 =A0 =A0 =A0 =A0 Jan Muenther >> >>> I'd be greatly surprised if the affected code looked different in 6.x. >> >> There is No unsetenv in 6.2-RELEASE/src/libexec/rtld-elf/rtld. >> There Is =A0 =A0unsetenv in 6.[34]-RELEASE/src/libexec/rtld-elf/rtld. >> >> Cheers, >> Julian > > I just checked it out, and on 6.4 the script doesn't work. > $ uname -rms > FreeBSD 6.4-RELEASE-p7 i386 Because in 6.x *env() uses legacy Berkeley implementation, while 7+ uses its own one. --=20 wbr, pluknet