>Greetings,
>   Confirmed ff.core exploit does exist in Solaris 7, server
>edition.  System is straight installation, no patches of any category
>available for 7 from Sunsolve yet.

There's another workaround for the "ff.core" bug rather than taking away
its set-uid permissions.

The workaround is:

    chmod a-w /vol/*

(Best added to the volmgt startup script in the following fashion, after
the line that starts vold:

    while sleep 1
    do
        if [ -d /vol/rmt ]
        then
            chmod a-w /vol/*
            break
        fi
    done &

This leaves a 1 second window or so of vulnerability at boot time which
you can prevent by starting vold earlier than cron & inetd.

Casper
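
Added example (not part of the original message): a POSIX sh variant of the workaround loop above that gives up after a bounded wait and then checks that nothing directly under /vol is still writable. The function names, the exit codes and the 30-second default are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not from the original message. Function names and the
# retry count passed on the command line are assumptions of this sketch.

# List entries directly under $1 that still carry any write bit.
# Returns 0 when none are writable, 1 otherwise.
vol_writable_entries() {
    root=$1
    rc=0
    for entry in "$root"/*; do
        [ -e "$entry" ] || continue        # glob matched nothing
        mode=`ls -ld "$entry" | cut -c1-10`
        case $mode in
            l*) continue ;;                # symlink modes are always rwx; skip
            ??w*|?????w*|????????w*)       # user, group or other write bit
                echo "$mode $entry"
                rc=1 ;;
        esac
    done
    return $rc
}

# Wait up to $2 seconds for $1/rmt to appear (the same readiness test the
# loop above uses), apply chmod a-w, then verify the result.
# Returns 0 if nothing is writable, 1 if something still is, 2 on timeout.
vol_lockdown() {
    root=$1
    tries=$2
    while [ "$tries" -gt 0 ]; do
        if [ -d "$root/rmt" ]; then
            chmod a-w "$root"/*
            vol_writable_entries "$root"
            return $?
        fi
        sleep 1
        tries=$((tries - 1))
    done
    echo "vol_lockdown: $root/rmt did not appear" >&2
    return 2
}

# Run only when given a directory, e.g.:  sh vol_lockdown.sh /vol 30 &
if [ "$#" -gt 0 ]; then
    vol_lockdown "$1" "${2:-30}"
fi
```

A non-zero exit from the background job is worth logging, since it means the window described above is still open.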