Date: Tue, 16 Jul 1996 17:43:48 -0600 (MDT) From: Nate Williams <nate@mt.sri.com> To: Paul Danckaert <pauld@umbc.edu> Cc: freebsd-security@freebsd.org Subject: Re: [linux-security] sliplogin (fwd) Message-ID: <199607162343.RAA27085@rocky.mt.sri.com> In-Reply-To: <Pine.SGI.3.91.960716185055.7842B-100000@umbc7.umbc.edu> References: <Pine.SGI.3.91.960716185055.7842B-100000@umbc7.umbc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
[ Linux sliplogin bug ] > Interesting. The code is the same on FreeBSD, it looks like. However, on > the default distributed system, there isn't a /etc/sliphome directory, > which is necessary for sliplogin to startup correctly. Therefore the > standard FreeBSD distribution dies out before it gets anywhere near the > system command. If you do run slip off of your system however, its much > more possible that bad things can happen.. Also, note the following: revision 1.6 date: 1996/04/24 20:18:25; author: pst; state: Exp; lines: +9 -0 Close a security hole in sliplogin. If you use sliplogin as a user shell (in /etc/passwd) upgrade to this version. Reviewed by: bde, peter Submitted by: AUS CERT Obtained from: Linux sliplogin-2.02 So, even if you setup /etc/sliphome, your system won't be vulnerable. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607162343.RAA27085>