Date: Tue, 23 Feb 1999 03:21:09 -0800 (PST) From: Kris Kennaway <kris@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/sysutils/wmmon Makefile ports/sysutils/wmmon/pkg DESCR Message-ID: <199902231121.DAA63159@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
kris 1999/02/23 03:21:09 PST Modified files: sysutils/wmmon Makefile sysutils/wmmon/pkg DESCR Log: The wmmon port likes to install itself setuid root. Unfortunately, it has a major security hole (and at least one minor one) resulting in a local root exploit. Until a better fix is available, this patch installs the binary chmod go-s, meaning you must be root to run it. If anyone is using this in a multi-user environment they are strongly advised to remove the setuid bit. Submitted by: Steve Reid <sreid@alpha.sea-to-sky.net> Revision Changes Path 1.6 +3 -3 ports/sysutils/wmmon/Makefile 1.2 +4 -0 ports/sysutils/wmmon/pkg/DESCR To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902231121.DAA63159>