Date: Fri, 27 Feb 1998 22:35:36 -0800
From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>, freebsd-security@FreeBSD.ORG
Subject: Re: OpenBSD Security Advisory: mmap() Problem
Message-ID: <199802280635.WAA02412@cwsys.cwsent.com>
In-Reply-To: Your message of "Fri, 27 Feb 1998 21:35:03 EST." <199802280235.VAA07394@khavrinen.lcs.mit.edu>

> <<On Fri, 27 Feb 1998 17:37:00 -0800, Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> said:
>
> > I've just posted a patch to FreeBSD-Security that makes this a moot
> > point.  The XIG X server shouldn't work at securelevel > 0 anyway so
> > the new patch allows their X server to write to /dev/mem while at
> > securelevel -1.
>
> Thereby perpetuating the original bug.  I'd rather ask Xi to fix their
> server; if we ask nicely, they'll probably comply (since the behavior
> in question is clearly bogus).  If not, then the behavior should be
> optional on ``COMPAT_XACCEL_BUG'' and not enabled by default.

I've already talked to them about the upcoming release of their new
products.  They've told me that they're dropping support for FreeBSD and
focusing on Linux because FreeBSD doesn't sell X servers.  It will be
unlikely that they'll make any changes.  Let's go ahead and put out the
Advisory, as unsupported products should die anyhow.  If Xi no longer
supports FreeBSD, FreeBSD should not support Xi!!!  A COMPAT_XACCEL_BUG
would probably not be a good idea because it could be the cause of
compromises of poorly configured systems.  It was worth a try to keep it
running while I could, though.  I'll consider removing Xi's server
instead.

>
> -GAWollman
>
> --
> Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
> wollman@lcs.mit.edu  | O Siem / The fires of freedom
> Opinions not those of| Dance in the burning flame
> MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe security" in the body of the message
>

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
UNIX Support                   OV/VM:  BCSC02(CSCHUBER)
ITSD                          BITNET:  CSCHUBER@BCSC02.BITNET
Government of BC            Internet:  cschuber@uumail.gov.bc.ca
                                       Cy.Schubert@gems8.gov.bc.ca

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message