brettlariat.org

• Next message: Chutima S.: "Why should I upgrade from 2.2.8 to 3.4"
• Previous message: Bill Fumerola: "Re: Doscmd"
• In reply to: Bill Fumerola: "Re: Doscmd"
• Next in thread: Warner Losh: "Re: Doscmd"
• Next in thread: Warner Losh: "Re: Doscmd"
• Reply: Brett Glass: "Re: Doscmd"
• Reply: Warner Losh: "Re: Doscmd"
• Reply: Paul Hart: "Re: Doscmd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If it relies on doscmd being suid, then it would fail. But
I have wondered whether control of your descriptor tables would
let you hack the system. What's in that machine language?

--Brett

At 11:13 PM 2/15/2000 , Bill Fumerola wrote:
   
>On Tue, Feb 15, 2000 at 08:56:41PM -0800, Kuzak wrote:
>
> > A friend of mine was asking me about an exploit
> > for 3.4-STABLE.. and I wasn't quite sure about
> > the answer.. Basically is it safe to disable
> > /usr/bin/doscmd ( chmod 000 /usr/bin/doscmd ),
> > and will this render this exploit useless?
>
>doscmd isn't suid to begin with, so I don't see the problem.
>
>I could be missing the point though.
>
>doscmd however can be safely disabled or removed without
>any negative effect.
>
>--
>Bill Fumerola - Network Architect
>Computer Horizons Corp - CVM
>e-mail: billfchc-chimes.com / billfFreeBSD.org
>Office: 800-252-2421 x128 / Cell: 248-761-7272
>
>
>
>
>
>
>To Unsubscribe: send mail to majordomoFreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Chutima S.: "Why should I upgrade from 2.2.8 to 3.4"
• Previous message: Bill Fumerola: "Re: Doscmd"
• In reply to: Bill Fumerola: "Re: Doscmd"
• Next in thread: Warner Losh: "Re: Doscmd"
• Next in thread: Warner Losh: "Re: Doscmd"
• Reply: Brett Glass: "Re: Doscmd"
• Reply: Warner Losh: "Re: Doscmd"
• Reply: Paul Hart: "Re: Doscmd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]