Date: Mon, 30 Oct 2000 04:50:30 -0500 (EST) From: Matt Heckaman <matt@ARPA.MAIL.NET> To: Kris Kennaway <kris@FreeBSD.ORG> Cc: FreeBSD-SECURITY <freebsd-security@FreeBSD.ORG> Subject: Re: crontab problem Message-ID: <Pine.BSF.4.21.0010300449350.4099-100000@epsilon.lucida.qc.ca> In-Reply-To: <20001030014440.A11913@citusc17.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks Kris, I'll pull the patch out of the archives for -audit, hopefully it's been archived already; as I don't know how often the posts are added to the archive. I'll do some testing here on a few machines and see what comes out of it. - -Matt On Mon, 30 Oct 2000, Kris Kennaway wrote: : There was a patch posted to -audit a few days ago which is yet : unreviewed but claims to address the issue. Note that we've been : unable to replicate the claimed full impact of the problem on FreeBSD : - the impact seems to be limited to reading files which are a valid : cron job syntax, meaning basically files which are entirely commented : out, or actual cron jobs (e.g. those owned by other users). Still a : problem, though. : : Kris * Matt Heckaman - mailto:matt@lucida.qc.ca http://www.lucida.qc.ca/ * * GPG fingerprint - A9BC F3A8 278E 22F2 9BDA BFCF 74C3 2D31 C035 5390 * -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: http://www.lucida.qc.ca/pgp iD8DBQE5/URndMMtMcA1U5ARAiNYAJ9O+zEMheMMSSn42u0jg3tgxXFyhwCg8TwI FREZW4YLKIBeaWVDDzTzZZ8= =C1ey -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0010300449350.4099-100000>