Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]
From: Kris Kennaway (kris@obsecurity.org)
Date: 01/30/01
- Next message: Crist J. Clark: "Re: My FreeBSD Firewall"
- Previous message: Brian F. Feldman: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- In reply to: Brian F. Feldman: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- Next in thread: Alfred Perlstein: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- Reply: Alfred Perlstein: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Jan 2001 22:29:03 -0800 From: Kris Kennaway <kris@obsecurity.org> To: "Brian F. Feldman" <green@FreeBSD.ORG>
On Tue, Jan 30, 2001 at 01:09:11AM -0500, Brian F. Feldman wrote:
> Actually, there were two issues. One was that the permissions weren't
> dropped totally on the way to opening the .fakeid file, and the other was
> that it was not read in a way that would be guaranteed not to block, so by
> creating a named pipe, the user could hang an inetd child.
Is that really a security issue, though?
Kris
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Crist J. Clark: "Re: My FreeBSD Firewall"
- Previous message: Brian F. Feldman: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- In reply to: Brian F. Feldman: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- Next in thread: Alfred Perlstein: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- Reply: Alfred Perlstein: "Re: FreeBSD Security Advisory: FreeBSD-SA-01:11.inetd [REVISED]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
