On Mon, Feb 05, 2001 at 11:17:28PM +0100, Roman Drahtmueller wrote:
> SuSE ships the /usr/bin/man command suid man.
>
> After exploiting the man command format string vulnerability, the attacker
> can then replace the /usr/bin/man binary with their own program - since the
> man command is supposed to be used frequently (especially for administrators),
> this imposes a rather high security risk, which deserves some due respect.
>
> We'll provide update packages shortly.

The solution FreeBSD uses is to set the schg flag on /usr/bin/man - this flag
can only be set and removed by root, and prevents a compromise of the man
user from overwriting the binary.

FWIW, I don't think FreeBSD has the man problem.

Kris
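An added example, not part of the thread: a small audit script in the spirit of Kris's suggestion, which lists setuid binaries owned by a non-root account (such as a `man`-owned /usr/bin/man) and reports whether the `schg` flag protects them. It assumes FreeBSD's `stat -f` and `chflags`; the decision logic lives in its own function so it can be exercised on any system.

```shell
#!/bin/sh
# Added example (not from the original post). Audit setuid binaries owned by
# a non-root user and report whether the system-immutable flag (schg) is set.
# Assumes BSD stat(1)/chflags(1); flag_ok itself is portable.

# flag_ok OWNER FLAGS: returns 0 when the file is not at risk (root-owned, or
# protected by schg), 1 when the owning account could overwrite it.
# FLAGS is the comma-separated list printed by `stat -f %Sf` ("-" when empty).
flag_ok() {
    owner=$1
    flags=$2
    # A root-owned setuid binary can only be replaced by root anyway.
    [ "$owner" = root ] && return 0
    case ",$flags," in
        *,schg,*) return 0 ;;   # immutable: only root can clear the flag
        *)        return 1 ;;   # a compromise of $owner could replace the file
    esac
}

# audit_setuid [DIR...]: print non-root setuid binaries under DIR (default
# /usr/bin) and whether schg is set. Requires BSD stat(1).
audit_setuid() {
    [ $# -eq 0 ] && set -- /usr/bin
    find "$@" -type f -perm -4000 ! -user root | while read -r f; do
        owner=$(stat -f '%Su' "$f")
        flags=$(stat -f '%Sf' "$f")
        if flag_ok "$owner" "$flags"; then
            echo "ok       $f (owner $owner, flags $flags)"
        else
            echo "EXPOSED  $f (owner $owner); fix: chflags schg $f"
        fi
    done
}
```

Note that with kern.securelevel raised above 0 the schg flag cannot be cleared even by root until the next reboot, which is the usual way to make this protection stick.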