Date: Sun, 28 Mar 1999 16:48:41 +1200 From: Andrew McNaughton <andrew@squiz.co.nz> To: Warner Losh <imp@harmony.village.org> Cc: Gustavo Rios <grios@gabriel.netshell.com.br>, freebsd-security@FreeBSD.ORG Subject: Re: suid/guid Message-ID: <199903280448.QAA10976@aniwa.sky> In-Reply-To: Your message of "Sat, 27 Mar 1999 19:14:29 MST." <199903280214.TAA78932@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> In message <36FC7066.1FE66497@netshell.com.br> Gustavo Rios writes: > : Is there any suid/guid bit set file exploitable on systems 2.2.8-Stable? > > Not the the best of my knowledge. > > Warner > FreeBSD Security Officer Does 2.2.8-STABLE exist? I thought 2.2.8 had stopped at RELEASE. There was some discussion, and I gather a 2.2.8 ports collection is on the net. Unless this is being kept up to date, it will include some security holes. eg ports for lsof and super were updated to cover security holes in suid binaries not long back, but this may not be reflected in old ports collections. Andrew McNaughton -- ----------- Andrew McNaughton andrew@squiz.co.nz http://www.newsroom.co.nz/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903280448.QAA10976>