This looks like the BSD libc fts.c bug discussed here in May.
OpenBSD is not vulnerable to this since it does not follow symlinks
when dumping core. Also, I committed a fix in OpenBSD to the fts.c
bug (based on the bugtraq posting) shortly after it was found.
As a result find did not get a SEGV on OpenBSD-current (and if it
had find.core would not have followed the link anyway).
I have passed along the fts.c patch to the NetBSD folks and I know
that one of the FreeBSD guys was recently working on incorporating
changes from the OpenBSD fts.c. I don't see the relevant change in
FreeBSD-current though.
>From discussions on the NetBSD secuirty list it looks like NetBSD
is going to disallow core dumps through a symlink--I would encourage
FreeBSD to do the same.
- todd
