Date:      Fri, 27 Feb 1998 22:35:36 -0800
From:      Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
To:        Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc:        Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>, freebsd-security@FreeBSD.ORG
Subject:   Re: OpenBSD Security Advisory: mmap() Problem 
Message-ID:  <199802280635.WAA02412@cwsys.cwsent.com>
In-Reply-To: Your message of "Fri, 27 Feb 1998 21:35:03 EST." <199802280235.VAA07394@khavrinen.lcs.mit.edu> 

> <<On Fri, 27 Feb 1998 17:37:00 -0800, Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> said:
> 
> > I've just posted a patch to FreeBSD-Security that makes this a moot 
> > point.  The XIG X server shouldn't work at securelevel > 0 anyway so 
> > the new patch allows their X server to write to /dev/mem while at 
> > securelevel -1.
> 
> Thereby perpetuating the original bug.  I'd rather ask Xi to fix their
> server; if we ask nicely, they'll probably comply (since the behavior
> in question is clearly bogus).  If not, then the behavior should be
> optional on ``COMPAT_XACCEL_BUG'' and not enabled by default.

I've already talked to them about the upcoming release of their new products.
They've told me that they're dropping support for FreeBSD and focusing on
Linux because FreeBSD doesn't sell X servers.  It will be unlikely that
they'll make any changes.  Let's go ahead and put out the Advisory, as
unsupported products should die anyhow.  If Xi no longer supports FreeBSD,
FreeBSD should not support Xi!!!

A COMPAT_XACCEL_BUG would probably not be a good idea because it could
be the cause of compromises of poorly configured systems.

It was worth a try to keep it running while I could, though.  I'll consider
removing Xi's server instead.

> 
> -GAWollman
> 
> --
> Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
> wollman@lcs.mit.edu  | O Siem / The fires of freedom 
> Opinions not those of| Dance in the burning flame
> MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe security" in the body of the message
> 



Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
UNIX Support                   OV/VM:  BCSC02(CSCHUBER)
ITSD                          BITNET:  CSCHUBER@BCSC02.BITNET
Government of BC            Internet:  cschuber@uumail.gov.bc.ca
                                       Cy.Schubert@gems8.gov.bc.ca




