Date: Thu, 28 Jan 1999 12:00:26 +0100 From: Eivind Eklund <eivind@FreeBSD.ORG> To: laurens van alphen <lva@dds.nl> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Security breach or VM flaw? (security check output) Message-ID: <19990128120026.C24242@bitbox.follo.net> In-Reply-To: <000601be4a4b$360dcfb0$ac1010ac@cow.craxx.com>; from laurens van alphen on Thu, Jan 28, 1999 at 12:17:30AM %2B0100 References: <000601be4a4b$360dcfb0$ac1010ac@cow.craxx.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 28, 1999 at 12:17:30AM +0100, laurens van alphen wrote: > Hiya folks, > > This mornin' i received this daily security check output: > (of course, hostnames have been changes, dates/sizes have not) > > <host> setuid diffs: > 40c40 > < -r-xr-s--- 1 bin kmem 49152 Jul 22 10:14:47 1998 /usr/bin/netstat > --- > > -r-xr-s--- 1 bin kmem 49152 Jan 28 02:30:23 1999 /usr/bin/netstat > > Is seems as if netstat has adopted the time at which it was executed. That's exactly what has happened. It was a bug in the VM system, where read only pages sometimes (very seldom) were marked as dirty. I think it has been fixed in 2.2.8+. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990128120026.C24242>