Subject: Re: vvopenbsd.c exploit for kern_exec.c
To: None <>
From: Ed Ravin <>
List: tech-security
Date: 07/14/2001 00:01:49
Jason R Thorpe writes:
> On Wed, Jul 04, 2001 at 05:17:41PM -0400, Anne Bennett wrote:
[about the NetBSD ptrace vulnerability and the promised NetBSD security
>  > I haven't seen it yet.  Did I miss something?
> I just hassled the security-officer about it.

Perhaps some more hassling is needed.  Also, for those of us still using
1.4, what is the recommended fix?  My shop ended up disabling ptrace()
in the kernel, but we'd prefer not to lose that functionality.