Date: Fri, 13 Jul 2001 21:21:22 +0400 From: void@void.ru To: Kris Kennaway <kris@obsecurity.org> Cc: security@FreeBSD.ORG Subject: Re: root compromise fix for RELENG_3 ? Message-ID: <204199672.20010713212122@void.ru> In-Reply-To: <20010711122732.E87389@xor.obsecurity.org> References: <4.2.2.20010711075617.05777eb8@192.168.0.12> <20010711122732.E87389@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, people KK> The situation wrt local security fixes in RELENG_3 is that it's up KK> to individual committers to commit them; the security officer KK> isn't going to be enforcing it given the documented existence of KK> an unfixable local root hole in that branch. Hm, my old 3.4 which I'm running on my laptop seemed be not vulnerable to this attack (with installed patches from www.securebsd.com). Seems routines from these patches which perform additional checks and logging before fork()ing and vfork()ing screwed up the possibility of the exploit. 4.3-BETA and -RELEASE with those patches also seemed be not vulnerable to attack.. but latest version of these patches is only for 4.0 and need some manual fixups to be installed on a 4.3-* kernels. I've put the fixed version for 4.3 kernels to http://void.ru/securebsd_4.3.diff (NB! Use in on your own risk, I'm highly advising you all to review the code before applying it and not to use it on the commercial systems until you know what you're doing!) .d To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?204199672.20010713212122>