Bugtraq mailing list archives
Re: OpenBSD 2.9,2.8 local root compromise
From: Peter van Dijk <peter () dataloss nl>
Date: Sat, 16 Jun 2001 12:00:54 +0200
On Fri, Jun 15, 2001 at 11:27:23AM -0400, Tony Lambiris wrote:
AFAIK its been fixed in -current, and it _will_ be in errata shortly.. in the meantime, there is a hotfix for the code itself, read the mailing lists.. OR in /etc/fstab, make /tmp nosuid and noexec, then mount -u /tmp (you did make tmp a seperate partition.. didn tyou?)
There are about a 1000 other places on a machine people can stick the file to be executed. The actual problem is not tmp-related, the provided exploit just happens to use /tmp. Making /tmp nosuid and noexec will only stop the kiddo's that are too stupid to change the exploit to work on such machines. Greetz, Peter -- Against Free Sex! http://www.dataloss.nl/Megahard_en.html
Current thread:
- OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Rick Updegrove (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise dmuz (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Tony Lambiris (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Peter van Dijk (Jun 16)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise jon (Jun 15)
- <Possible follow-ups>
- RE: OpenBSD 2.9,2.8 local root compromise Brian McKinney (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)