Bugtraq mailing list archives
Re: FreeBSD (and other BSDs?) local root explot
From: Todd.Miller () COURTESAN COM (Todd C. Miller)
Date: Fri, 27 Aug 1999 09:34:11 -0600
This looks like the BSD libc fts.c bug discussed here in May. OpenBSD is not vulnerable to this since it does not follow symlinks when dumping core. Also, I committed a fix in OpenBSD to the fts.c bug (based on the bugtraq posting) shortly after it was found. As a result find did not get a SEGV on OpenBSD-current (and if it had find.core would not have followed the link anyway). I have passed along the fts.c patch to the NetBSD folks and I know that one of the FreeBSD guys was recently working on incorporating changes from the OpenBSD fts.c. I don't see the relevant change in FreeBSD-current though. is going to disallow core dumps through a symlink--I would encourage FreeBSD to do the same. - todd
Current thread:
- FreeBSD (and other BSDs?) local root explot Przemyslaw Frasunek (Aug 24)
- Re: FreeBSD (and other BSDs?) local root explot Todd C. Miller (Aug 27)
- <Possible follow-ups>
- Re: FreeBSD (and other BSDs?) local root explot Stas Kisel (Aug 26)