Re: Vulnerability in vixie cron?
Hi,
Oliver Fromme wrote:
> Hi,
>
> (...)
>
> Any information would be appreciated.
>
This issue was already discussed few weeks ago on this list.
http://lists.freebsd.org/pipermail/freebsd-hackers/2006-June/016729.html
In default configuration, this issue is not exploitable because a call
to setuid(2) could fail only for non-root user. Anyway setuid(2) return
value must be always checked and I guess this issue was fixed in HEAD
and probably in RELENG_6 ?
Sincerely,
Clem
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)