Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 28 Dec 1999 14:06:30 -0500 (EST)
From:      Spidey <beaupran@iro.umontreal.ca>
To:        freebsd-security@freebsd.org
Subject:   ports/15577: Amanda 2.3.0 runtar program allow any user to run tar as root
Message-ID:  <14441.2614.114877.349074@anarcat.dyndns.org>

next in thread | raw e-mail | index | archive | help
Hi. 

I don't know if any of you took a look at this PR I made, but I think
it would be a good idea. 

I would like to have your advice on the modifications I am
suggesting. 

Also, it would be urgent to mark the port either as broken or commit
the fix, as, right now, anyone who installs the amanda 2.3 package
from the ports or the packages is very likely to get *wacked* by its
local users. 

Should I have posted this earlier to the list? I thought someone would
have noticed the PR...

Thanks.

The AnarCat

-- 
Si l'image donne l'illusion de savoir
C'est que l'adage pretend que pour croire,
L'important ne serait que de voir

Lofofora


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14441.2614.114877.349074>