Date: Thu, 27 Jun 1996 16:02:10 -0700 (PDT) From: Steve Reid <root@edmweb.com> To: Guido van Rooij <guido@gvr.win.tue.nl> Cc: freebsd-security@FreeBSD.ORG Subject: Re: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) Message-ID: <Pine.BSF.3.91.960627155905.196B-100000@bitbucket.edmweb.com> In-Reply-To: <199606271203.OAA25884@gvr.win.tue.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
> 2.1.0 IS vulnerable!!!!! > 2.1.0-current and stable are not vulnerable anymore. I'm using FreeBSD 2.1.0-RELEASE. Is it sufficent to remove the suid bit from the suidperl binaries? Or do I also have to search for scripts with the suid bit? I don't currently need suid perl scripts. ===================================================================== | Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/) | | Email: steve@edmweb.com Home Page: http://www.edmweb.com/steve/ | | PGP (2048/9F317269) Fingerprint: 11C89D1CD67287E68C09EC52443F8830 | | -- Disclaimer: JMHO, YMMV, TANSTAAFL, IANAL. -- | ===================================================================:)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960627155905.196B-100000>