Re: dropping ``setgid tty'' in dump(8)
From: Ruslan Ermilov (ru@FreeBSD.org)
Date: 09/05/01
- Next message: Kevin Way: "Re: Good practice for /tmp"
- Previous message: Justin Stanford: "Re: pop server"
- In reply to: Ruslan Ermilov: "dropping ``setgid tty'' in dump(8)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 5 Sep 2001 18:43:59 +0300 From: Ruslan Ermilov <ru@FreeBSD.org> To: security@FreeBSD.org
This and that patches have been committed.
On Mon, Sep 03, 2001 at 08:19:09PM +0300, Ruslan Ermilov wrote:
> Hi!
>
> The attached patch replaces the ``wall -g'' functionality built
> into dump(8) directly with the call to wall(1), thus making it
> possible to drop the ``setgid tty'' privilege.
>
> The DIALUP check was weak, and was also removed.
>
> The patch is based on the OpenBSD's work.
>
> <PS>
> I've posted another message to the -audit that makes ``wall -g''
> really work.
> </PS>
-- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Kevin Way: "Re: Good practice for /tmp"
- Previous message: Justin Stanford: "Re: pop server"
- In reply to: Ruslan Ermilov: "dropping ``setgid tty'' in dump(8)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
