Date: Fri, 27 Feb 1998 21:35:03 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> Cc: freebsd-security@FreeBSD.ORG Subject: Re: OpenBSD Security Advisory: mmap() Problem Message-ID: <199802280235.VAA07394@khavrinen.lcs.mit.edu> In-Reply-To: <199802280137.RAA00985@cwsys.cwsent.com> References: <199802272042.MAA16246@burka.rdy.com> <199802280137.RAA00985@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Fri, 27 Feb 1998 17:37:00 -0800, Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> said: > I've just posted a patch to FreeBSD-Security that makes this a moot > point. The XIG X server shouldn't work at securelevel > 0 anyway so > the new patch allows their X server to write to /dev/mem while at > securelevel -1. Thereby perpetuating the original bug. I'd rather ask Xi to fix their server; if we ask nicely, they'll probably comply (since the behavior in question is clearly bogus). If not, then the behavior should be optional on ``COMPAT_XACCEL_BUG'' and not enabled by default. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802280235.VAA07394>