tech-security: Re: [secure@FREEBSD.LUBLIN.PL: FreeBSD (and other BSDs?) local root explot]

Subject: Re: [secure@FREEBSD.LUBLIN.PL: FreeBSD (and other BSDs?) local root explot]
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Charles M. Hannum <root@ihack.net>
List: tech-security
Date: 08/27/1999 14:43:40

  by redmail.netbsd.org with SMTP; 27 Aug 1999 18:41:38 -0000
	by bikini.ihack.net (8.8.8/8.8.8) id OAA02503;
	Fri, 27 Aug 1999 14:43:40 -0400 (EDT)
Date: Fri, 27 Aug 1999 14:43:40 -0400 (EDT)
Message-Id: <199908271843.OAA02503@bikini.ihack.net>
From: "Charles M. Hannum" <root@ihack.net>
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
Cc: tech-security@netbsd.org, tech-userlevel@netbsd.org
Subject: Re: [secure@FREEBSD.LUBLIN.PL: FreeBSD (and other BSDs?) local root explot]


I already fixed out fts(3) -- including several problems that still
exist in the OpenBSD implementation.

Someone needs to write up an advisory.