mail archive Security issues members-only posting
freebsd-security.freebsd.org
(List home) (Recent threads) (174 other FreeBSD lists)
Subscription Options
- RSS or Atom: Read-only subscription using a browser or aggregator. This is the recommended way if you don't need to send messages to the list. You can learn more about feed syndication and clients here.
- Conventional: All messages are delivered to your mail address, and you can reply. To subscribe, send an email to the list's subscribe address with "subscribe" in the subject line, or visit the list's homepage here.
- Low traffic list: less than 3 messages per day
- This list contains about 36,193 messages, beginning Feb 1995
- 5 messages added yesterday
Security issues members-only posting
May 1996
FreeBSD & firewalls (7 Replies)
Kristyn Fayette — 83096997801 May 1996*
Hi, I'm getting ready to set up a firewall and I was wondering if anyone can give me some suggestions. Currently, I've got a firewall running ...
jamie — 83097056101 May 1996
I'm sure that there is a digest version of this list somewhere but I was wondering if anyone has compiled an FAQ or a doc based upon the issues on...
sendmail (4 Replies)
Thomas J Balfe — 83124320904 May 1996*
I have recently compiled sendmail from cert.org. What I want to know, does sendmail have to be mode 4555 to function correctly, or will be function co...
Weird system security output (5 Replies)
Brian Wang — 83125021004 May 1996*
After searching the mail archives, I found the following posted question without replies. I'd love some replies though.Just last night, I'm ha...
Jim Fleming — 83128760705 May 1996
On Sunday, May 05, 1996 3:46 AM, Jordan K. Hubbard[SMTP:] wrote: @ > Does the word "Free" in FreeBSD mostly stand for Free as in Money @ ...
dot.cshrc and weird umask value (2 Replies)
(Jaroslaw Bazydlo) — 83131618705 May 1996*
Can anyone tell me why on FreeBSD (the same with BSD/OS) there is the umask value 2 ???? This simply couses producing group writable files. Imagine th...
dot.cshrc and weird umask value (3 Replies)
Alex Nash — 83134065605 May 1996*
The man page for adduser(8) has a good writeup on this: UNIQ GROUP Perhaps your missing what *can* be done with this scheme that falls apart with most...
Alex Nash — 83134465506 May 1996
I've added a couple of lines (ok, really I stole them from the setuid diff section) to my /etc/security that show changes in ipfw denied packet co...
jwshin — 83136240706 May 1996
subscribe security...
anyone ever get this message? (5 Replies)
Thomas J Balfe — 83220355815 May 1996*
May 13 06:22:39 falcon in.identd[2686]: warning: can't get client address: Socket is not connected May 13 06:22:39 falcon in.identd[2686]: connect...
very bad (2 Replies)
invalid opcode — 83233038117 May 1996*
Uh oh This is valid [coredump@onyx] ~> sh $ export PATH=/tmp:$PATH $ echo /bin/sh >/tmp/modload $ chmod +x /tmp/modload $ mount_union /dir1 /dir...
0 (1 Reply)
invalid opcode — 83233755317 May 1996*
FWIW, I just forwarded the quick fix of chmod u-s /sbin/mount_union and a copy of the problem to root@everyone on www.freebsd.org 's gallery of fr...
BoS: SECURITY BUG in FreeBSD (fwd) (1 Reply)
invalid opcode — 83235411117 May 1996*
hmmmmm == Chris Layne Nervosa Computing == == http://www.nervosa.com/~coredump == -- Forwarded message -- Date: Fri, 17 May 1996 09:12:13 METDST From:...
Jeffrey Hsu <hsu> — 83235734717 May 1996
I believe mount_union is setuid root to allow non-root users to make union mounts in directories that they own. The Lite2 kernel (a current snapshot o...
Richard Palmer — 83235744417 May 1996
subscribe...
M.R.Murphy — 83235869917 May 1996
> Personally, I prefer having the instructions, but it's not a good idea... Me too. I hate the STO argument thread, and to avoid it, might it n...
Charles C. Figueiredo — 83237245417 May 1996
"I don't want to grow up, I'm a BSD kid. There's so many toys in /usr/bin that I can play with!...
FreeBSD Security Officer — 83237614017 May 1996
This is the second of two related security advisory notices. = FreeBSD-SA-96:10 Security Advisory The FreeBSD Project, Inc. Topic: system stability co...
Brian Tao — 83237673517 May 1996
Here's the same bug reported by someone else on the -hackers list, with both the kernel panic and root shell exploits. -- Brian Tao (BT300, , Syst...
FreeBSD Security Officer — 83237806618 May 1996
= FreeBSD-SA-96:09 Security Advisory The FreeBSD Project, Inc. Topic: unauthorized access via mount_union / mount_msdos (vfsload) Category: core Modul...
FreeBSD Security Officer — 83237814218 May 1996
This is the second of two related security advisory notices. = FreeBSD-SA-96:10 Security Advisory The FreeBSD Project, Inc. Topic: system stability co...
FreeBSD Security Officer — 83239031318 May 1996*
= FreeBSD-SA-96:09 Security Advisory The FreeBSD Project, Inc. Topic: unauthorized access via mount_union / mount_msdos (vfsload) Category: core Modul...
Bruce Evans — 83239062218 May 1996
That's another problem with mount_union :-(. Somehow it hasn't crashed here yet after I ran the above and `mount_union ~/c ~/d' to test th...
Re: very bad (fwd) (2 Replies)
Dave Andersen — 83240292618 May 1996*
Since it's already out, I'm CC:'ing this to the general list. chmod u-s /sbin/mount_union is *not* a complete fix. The mount_msdos command...
Things NOT to put in root's crontab (fwd) (5 Replies)
Chris J. Layne — 83277870222 May 1996*
I think this applies to our cleanup of /tmp in /etc/rc == Chris Layne Nervosa Computing == == http://www.nervosa.com/~coredump == -- Forwarded message...
FreeBSD Security Officer — 83285237223 May 1996*
= FreeBSD-SA-96:11 Security Advisory Revised: Wed May 22 00:11:46 PDT 1996 FreeBSD, Inc. Topic: security compromise from man page utility Category: co...
md5 (1 Reply)
jamie — 83313749026 May 1996*
I have recently heard rumors of an md5 library for Crack. I have a small number of users on my system (20'ish) and all are ...well...users in the ...
ywliu — 83327593828 May 1996
Hi, Our FreeBSD system reports May 28 17:19:51 <hostname> /kernel: attempted source route from xxx.xxx.xxx.xxx to 192.72.150.2 It looks like som...
Alex Nash — 83328396128 May 1996
IP input processing drops source route packets by default (note that this differs from the original Net/3 code). If you want to allow source route pac...
Chris J. Layne — 83329955528 May 1996*
followup == Chris Layne Nervosa Computing == == http://www.nervosa.com/~coredump == -- Forwarded message -- Date: Mon, 27 May 1996 11:47:00 +1000 From...