Date: Mon, 30 Aug 1999 12:15:18 +1000 From: Bruce Evans <bde@zeta.org.au> To: dynamo@ime.net, imp@village.org Cc: security@FreeBSD.ORG Subject: Re: Not sure if you got it... Message-ID: <199908300215.MAA01056@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>Index: rc
>===================================================================
>RCS file: /home/imp/FreeBSD/CVS/src/etc/rc,v
>retrieving revision 1.195
>diff -u -r1.195 rc
>--- rc 1999/08/27 23:23:43 1.195
>+++ rc 1999/08/30 00:14:44
>@@ -129,8 +129,11 @@
>
> clean_var() {
> if [ ! -f /var/run/clean_var ]; then
>+ chflags -R 0 /var/run/* > /dev/null 2>&1
Clearing superuser flags is wrong. If they were set by root, then root
must want them. If they were set by an intruder then they would have
been fixed appropriately by the previous security pass :-).
Bruce
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908300215.MAA01056>