|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: procfs hole
Alex (garbanzo
HOOKED.NET)Sun, 10 Aug 1997 22:30:42 -0700
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Marc Slemko: "Re: popper and qpopper let you read email from other pop clients"
- Previous message: JeBe: "Program To decrypt password in ws_ftp.ini"
- In reply to: Eivind Eklund: "Re: procfs hole"
- Next in thread: Jonathan A. Zdziarski: "Re: procfs hole"
On Sun, 10 Aug 1997, Eivind Eklund wrote: > > > > There is a major hole in procfs under FreeBSD 2.2.1 (2.1 is not affected, > > I have not tested 3.x but I believe it to be vulnerable as well) along > > with OpenBSD (not tested by me, but by someone else -- believe it was > > 2.1-RELEASE although obsd doesnt mount procfs by default like freebsd > > does). > > Temporary fix: Disable the /proc filesystem. Setting ro instead of rw in > /etc/fstab or chmod'ing on the mountpoint do _not_ work. > > Eivind, > looking for a proper fix, but not expecting to get there before David. There was a patch released on FreeBSD-Hackers about 3 or so hours ago, that claims to fix the problem. - alex
- Next message: Marc Slemko: "Re: popper and qpopper let you read email from other pop clients"
- Previous message: JeBe: "Program To decrypt password in ws_ftp.ini"
- In reply to: Eivind Eklund: "Re: procfs hole"
- Next in thread: Jonathan A. Zdziarski: "Re: procfs hole"