Date: Thu, 2 Dec 1999 09:07:05 -0800 From: Matthew Hunt <mph@astro.caltech.edu> To: Matt Behrens <matt@zigg.com> Cc: security@FreeBSD.ORG Subject: Re: [Re: [btellier@USA.NET: Several FreeBSD-3.3 vulnerabilities] ] Message-ID: <19991202090705.A21828@wopr.caltech.edu> In-Reply-To: <Pine.BSF.4.21.9912020704020.89183-100000@megaweapon.zigg.com>; from matt@zigg.com on Thu, Dec 02, 1999 at 07:04:40AM -0500 References: <Pine.BSF.4.05.9912012251010.86543-100000@leaf.lumiere.net> <Pine.BSF.4.21.9912020704020.89183-100000@megaweapon.zigg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Dec 02, 1999 at 07:04:40AM -0500, Matt Behrens wrote: > Isn't that what happened? Didn't Mr. Tellier say that the security > officer had ``contacted the maintainers''? I wasn't going to bother bringing this up in public, but I am one of the affected maintainers, and I never heard anything about it until Kris marked games/angband BROKEN. I'm not placing blame and I haven't investigated the issue closely, I'm just saying I never got an email in my inbox about it. I'm currently investigating the ramifications of installing angband non-sgid. I think this requires one or more mode 1777 directories. Do we have any policies against ports creating such directories? Should the user be warned in some way? Matt -- Matthew Hunt <mph@astro.caltech.edu> * Stay close to the Vorlon. http://www.pobox.com/~mph/ * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991202090705.A21828>