Date: Thu, 17 Feb 2000 08:31:42 -0800 (PST) From: Kris Kennaway <kris@FreeBSD.org> To: Omachonu Ogali <oogali@intranova.net> Cc: Dmitry Valdov <dv@dv.ru>, Warner Losh <imp@village.org>, Brett Glass <brett@lariat.org>, Bill Fumerola <billf@chc-chimes.com>, Kuzak <kuzak@kuzak.net>, freebsd-security@FreeBSD.ORG Subject: Re: Doscmd Message-ID: <Pine.BSF.4.21.0002170823140.36740-100000@freefall.freebsd.org> In-Reply-To: <Pine.BSF.4.10.10002171030240.91789-100000@hydrant.intranova.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 17 Feb 2000, Omachonu Ogali wrote: > Well, If you're su'ing to get to use it, what's the purpose of the > exploit? Another nifty shell? I talked to the packetstorm guy and he said this exploit was intended for pre-3.2 versions of FreeBSD which has doscmd setgid kmem (prior to rev 1.13.2.2 of the makefile). If you're still running an old version you should remove the setgid bit. The umount "exploit" was in case the admin had made umount setugid so users can mount volumes (instead of the correct way, sysctl -w vfs.usermount = 1). I haven't verified whether this exploit actually does anything. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0002170823140.36740-100000>