Date: Mon, 20 Aug 2001 04:27:14 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Patrick O'Reilly <patrick@mip.co.za> Cc: "'FreeBSD Question List (E-mail)'" <freebsd-questions@FreeBSD.ORG> Subject: Re: Name Daemon dies on signal 11 ?!? Message-ID: <20010820042714.A85470@xor.obsecurity.org> In-Reply-To: <008801c12958$f62671a0$b50d030a@patrick>; from patrick@mip.co.za on Mon, Aug 20, 2001 at 11:17:24AM %2B0200 References: <20010820100304.A26382@student.uu.se> <008801c12958$f62671a0$b50d030a@patrick>
next in thread | previous in thread | raw e-mail | index | archive | help
--5mCyUwZo2JvN/JJP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Aug 20, 2001 at 11:17:24AM +0200, Patrick O'Reilly wrote: > I see that the vulnerability should be fixed in 4.3-RELEASE (which CDs I > just recently received). I'll schedule a re-install with the 4.3 CDs ASA= P. > (I guess it's time I set my mind to implementing CVSup ?!?) 4.3 and earlier have a serious vulnerability in telnetd. If you're using that, see the advisory for details on how to fix it. >=20 > Thanks once again for your quick and helpful responses! >=20 > PS: I see a suggestion in the advisory that 'named' can be run unprivileg= ed, > and chrooted, etc. Would you consider this to be a good practice for > security reasons, regardless of known vulnerabilities? Yes. > (and a little later...) >=20 > PPS: OK - the 'pkg_add -r bind' is done. Now pkg_info says I have version > 9.1.3! I see the new 'named' is in /usr/local/sbin/, and after a reboot > 'named -v' still reports v8.2.3. Any suggestions on the best way to hook= it > into /usr/sbin/? I could copy, move, hard/sym link? The original > /usr/sbin/named (v8) is still in-situ. I'm guessing : > % mv /usr/sbin/named /usr/sbin/named.8 # keep v823 for posterity > % ln /usr/local/sbin/named /usr/sbin/named # link v913 into place You didn't read the advisory properly. Kris --5mCyUwZo2JvN/JJP Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7gPQSWry0BWjoQKURAt95AJ4zWUhouylSWqDv/fnkAq+EDkFAYgCgnCIT GgfEzaPiVBPXYqv6/NLvmAo= =8+T9 -----END PGP SIGNATURE----- --5mCyUwZo2JvN/JJP-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010820042714.A85470>