Date: Mon, 18 Dec 2000 18:12:16 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Mike Tancsa <mike@sentex.net> Cc: Kris Kennaway <kris@FreeBSD.ORG>, freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:77.procfs Message-ID: <20001218181216.A2629@citusc.usc.edu> In-Reply-To: <5.0.1.4.0.20001218124818.01cf9040@marble.sentex.ca>; from mike@sentex.net on Mon, Dec 18, 2000 at 12:49:49PM -0500 References: <156200781518.20001218191409@sandy.ru> <20001218153619.071BE37B400@hub.freebsd.org> <156200781518.20001218191409@sandy.ru> <20001218082209.C29592@citusc.usc.edu> <5.0.1.4.0.20001218124818.01cf9040@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
--tThc/1wpZn/ma/RB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Dec 18, 2000 at 12:49:49PM -0500, Mike Tancsa wrote: > At 08:22 AM 12/18/00 -0800, Kris Kennaway wrote: > >On Mon, Dec 18, 2000 at 07:14:09PM +0300, Vladimir Dubrovin wrote: > > > Hello FreeBSD Security Advisories, > > > > > > As far as I remember this issue was patched twice - in 1997 and in > > > January 2000. Do I miss something? > > > >There have been other vulnerabilities in procfs in the past. There may > >be others discovered in the future..it's what you might call "risky > >code". >=20 > Apart from not mounting it, does mounting it readonly make any difference= ? > proc /proc procfs r 0 0 > instead of > proc /proc procfs rw 0 0 Probably not. > What does one loose these days on 4.x not mounting it by default ? Not sure either. Kris --tThc/1wpZn/ma/RB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6PsQAWry0BWjoQKURAgGTAJ9XcKe+NUmFhUwymreKAwwQ012J2QCgqh1d tzBDLnkZj3ZWUc3N4Q2R0fA= =jBjJ -----END PGP SIGNATURE----- --tThc/1wpZn/ma/RB-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001218181216.A2629>