Date: Sat, 8 Sep 2001 14:03:41 -0700 (PDT) From: Matt Dillon <dillon@earth.backplane.com> To: Jordan Hubbard <jkh@FreeBSD.ORG> Cc: security@FreeBSD.ORG Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. Message-ID: <200109082103.f88L3fK29117@earth.backplane.com> References: <5.1.0.14.0.20010908153417.0286b4b8@192.168.0.12>
next in thread | previous in thread | raw e-mail | index | archive | help
Jordan, I would like to commit this to -stable for the release,
if it isn't too late. (and -current as well). This doesn't address
the config file problems with uucp but it will prevent the root
exploit. It also prevents 'tip' from being exploited.
-Matt
Index: usr.bin/tip/tip/Makefile
===================================================================
RCS file: /home/ncvs/src/usr.bin/tip/tip/Makefile,v
retrieving revision 1.10.6.1
diff -u -r1.10.6.1 Makefile
--- usr.bin/tip/tip/Makefile 2001/04/25 11:29:42 1.10.6.1
+++ usr.bin/tip/tip/Makefile 2001/09/08 21:00:03
@@ -21,11 +21,13 @@
MAN= tip.1 modems.5
SRCS= acu.c acutab.c cmds.c cmdtab.c cu.c hunt.c log.c partab.c \
remote.c tip.c tipout.c value.c vars.c
+INSTALLFLAGS+= -fschg
BINDIR?= /usr/bin
BINOWN= uucp
BINGRP= dialer
#BINMODE?= 4510
+
# XXX: there is some concern that `tip' in its current state shouldn't run
# SUID. If it believed it should, the mode above may still no be proper.
Index: gnu/libexec/uucp/cu/Makefile
===================================================================
RCS file: /home/ncvs/src/gnu/libexec/uucp/cu/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- gnu/libexec/uucp/cu/Makefile 1999/08/27 23:33:06 1.8
+++ gnu/libexec/uucp/cu/Makefile 2001/09/08 20:57:47
@@ -12,6 +12,7 @@
DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP)
CFLAGS+= -I$(.CURDIR)/../common_sources\
-DVERSION=\"$(VERSION)\"
+INSTALLFLAGS+= -fschg
.include <bsd.prog.mk>
.PATH: $(.CURDIR)/../common_sources
Index: gnu/libexec/uucp/uucp/Makefile
===================================================================
RCS file: /home/ncvs/src/gnu/libexec/uucp/uucp/Makefile,v
retrieving revision 1.6
diff -u -r1.6 Makefile
--- gnu/libexec/uucp/uucp/Makefile 1999/08/27 23:33:55 1.6
+++ gnu/libexec/uucp/uucp/Makefile 2001/09/08 20:57:57
@@ -11,6 +11,7 @@
DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP)
CFLAGS+= -I$(.CURDIR)/../common_sources\
-DVERSION=\"$(VERSION)\"
+INSTALLFLAGS+= -fschg
.include <bsd.prog.mk>
.PATH: $(.CURDIR)/../common_sources
Index: gnu/libexec/uucp/uuname/Makefile
===================================================================
RCS file: /home/ncvs/src/gnu/libexec/uucp/uuname/Makefile,v
retrieving revision 1.5
diff -u -r1.5 Makefile
--- gnu/libexec/uucp/uuname/Makefile 1999/08/27 23:33:58 1.5
+++ gnu/libexec/uucp/uuname/Makefile 2001/09/08 20:58:14
@@ -11,7 +11,7 @@
DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP)
CFLAGS+= -I$(.CURDIR)/../common_sources\
-DVERSION=\"$(VERSION)\"
-
+INSTALLFLAGS+= -fschg
.include <bsd.prog.mk>
.PATH: $(.CURDIR)/../common_sources
Index: gnu/libexec/uucp/uustat/Makefile
===================================================================
RCS file: /home/ncvs/src/gnu/libexec/uucp/uustat/Makefile,v
retrieving revision 1.5
diff -u -r1.5 Makefile
--- gnu/libexec/uucp/uustat/Makefile 1999/08/27 23:34:02 1.5
+++ gnu/libexec/uucp/uustat/Makefile 2001/09/08 20:58:21
@@ -13,6 +13,7 @@
CFLAGS+= -I$(.CURDIR)/../common_sources\
-DOWNER=\"$(owner)\"\
-DVERSION=\"$(VERSION)\"
+INSTALLFLAGS+= -fschg
.include <bsd.prog.mk>
.PATH: $(.CURDIR)/../common_sources
Index: gnu/libexec/uucp/uux/Makefile
===================================================================
RCS file: /home/ncvs/src/gnu/libexec/uucp/uux/Makefile,v
retrieving revision 1.6
diff -u -r1.6 Makefile
--- gnu/libexec/uucp/uux/Makefile 1999/08/27 23:34:05 1.6
+++ gnu/libexec/uucp/uux/Makefile 2001/09/08 20:58:25
@@ -11,6 +11,7 @@
DPADD+= $(LIBUNIX) $(LIBUUCONF) $(LIBUUCP)
CFLAGS+= -I$(.CURDIR)/../common_sources\
-DVERSION=\"$(VERSION)\"
+INSTALLFLAGS+= -fschg
.include <bsd.prog.mk>
.PATH: $(.CURDIR)/../common_sources
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109082103.f88L3fK29117>