[11236] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

chflags() [heads up]

daemon@ATHENA.MIT.EDU (Adam Morrison)
Tue Aug 3 11:32:17 1999

Message-Id:  <199908011620.TAA07095@vortex.xpert.com>
Date:         Sun, 1 Aug 1999 19:20:45 +0300
Reply-To: Adam Morrison <adam@XPERT.COM>
From: Adam Morrison <adam@XPERT.COM>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

From the OpenBSD change logs:

RCS file: /cvs/src/sys/kern/vfs_syscalls.c,v
----------------------------
revision 1.59
date: 1999/07/30 18:27:47;  author: deraadt;  state: Exp;  lines: +20 -1
do not permit regular users to chflags/fchflags on chr or blk devices --
even if they happen to own them at the moment.

NetBSD-current has this fixed as of the following revision of
vfs_syscalls.c.

	$NetBSD: vfs_syscalls.c,v 1.146 1999/07/31 03:18:43 christos

From quick inspection, FreeBSD appears to be vulnerable.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[11236] in bugtraq

chflags() [heads up]

daemon@ATHENA.MIT.EDU (Adam Morrison)Tue Aug 3 11:32:17 1999

daemon@ATHENA.MIT.EDU (Adam Morrison)
Tue Aug 3 11:32:17 1999