In message <[EMAIL PROTECTED]> Mark Crispin writes:
: Last but not least, I am very interested in Kris Kennaway's claim
: that "It may also be possible to break out of the chroot jail on
: some platforms." If true, it represents a huge root-level security
: hole on those platforms. I simply do n
In message <[EMAIL PROTECTED]> Lamagra Argamal writes:
: On FreeBSD dump has the same hole i describes in my previous post. Only it is
:exploitable :-)
You are wrong. That hole was cleaned up a long time ago, before
Release 3.3R. Are you *SURE* that you tested a latest version?
Warner
: From quick inspection, FreeBSD appears to be vulnerable
While I don't usually like to comment on pending advisories, FreeBSD
has corrected this problem in -current, -stable and soon in
2.2.8-stable. There will be an advisory from the person that brought
this to our (and presumably their) atten
In FreeBSD-stable and -current, these tricks allow only tojan horses,
but do not allow normal users to elevate their privs. It appears that
man doesn't run at elevated priviledge levels for execution of the
sub-commands needed to build the man pages (despite man being setuid
man on FreeBSD-stable