Date: Thu, 27 Jun 1996 16:45:45 -0700 From: Michael Constant <mconst@typhoon-ether.Berkeley.EDU> To: guido@gvr.win.tue.nl, root@edmweb.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) Message-ID: <199606272345.QAA28812@maelstrom.Berkeley.EDU>
next in thread | raw e-mail | index | archive | help
> I'm using FreeBSD 2.1.0-RELEASE. Is it sufficent to remove the suid bit > from the suidperl binaries? Or do I also have to search for scripts with > the suid bit? Removing the setuid bit from the binaries is all you need. The kernel ignores the setuid bit on scripts -- that's why suidperl is necessary in the first place. - Michael Constant
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606272345.QAA28812>