Date: Wed, 3 Oct 2001 09:44:34 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Vivek Khera <khera@kcilink.com> Cc: stable@FreeBSD.ORG Subject: Re: something strange in 4.4-Stable ? Message-ID: <20011003094434.B36692@xor.obsecurity.org> In-Reply-To: <x71ykkdcnn.fsf@onceler.kciLink.com>; from khera@kcilink.com on Wed, Oct 03, 2001 at 10:24:44AM -0400 References: <20011001015730.A1032@uni-duesseldorf.de> <20010930204335.A53631@xor.obsecurity.org> <x71ykkdcnn.fsf@onceler.kciLink.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--FkmkrVfFsRoUs1wW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Oct 03, 2001 at 10:24:44AM -0400, Vivek Khera wrote: > >>>>> "KK" =3D=3D Kris Kennaway <kris@obsecurity.org> writes: >=20 > KK> Read the release notes for 4.4-R. >=20 > KK> ~/.login_conf was disabled until we can fix a security vulnerability. >=20 > Damn! This breaks my anonymous ftp upload security. Now the umask > for uploaded files is not preventing re-download. Is there no way to > re-enable it as this is the only .login_conf file on the whole system. Stick it in /etc/login.conf Kris --FkmkrVfFsRoUs1wW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7u0BxWry0BWjoQKURAqPTAKCNc5qV3uy7DilKbemgFh2g98YbAACdFIjL 8qPeOBPnE+KzfKtg/EhQsEM= =loiB -----END PGP SIGNATURE----- --FkmkrVfFsRoUs1wW-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011003094434.B36692>