On Tue, Aug 10, 1999 at 12:28:20PM -0700, Ross Harvey wrote: > I would have preinformed Sun had I not been under the impression that they > had fixed it, although it shouldn't matter much given the high degree of > difficulty in constructing an exploit. > > I wasn't as worried about the other BSD's, because the simple NetBSD patch > that was included should work OK at any BSD site. OpenBSD has applied the > NetBSD patch to their current sources, but note that all releases of all > BSD kernels prior to NetBSD 1.4.1 (which is in process and expected later > this week) appear to have this bug. The code in FreeBSD is somewhat different (it is actually amazingly close, given that the code was written twice, by two different parties); patch (not tested) below. Index: kern_exec.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_exec.c,v retrieving revision 1.99 diff -u -r1.99 kern_exec.c --- kern_exec.c 1999/04/27 11:15:55 1.99 +++ kern_exec.c 1999/08/11 13:29:28 @@ -229,6 +229,9 @@ p->p_fd = tmp; } + /* stop profiling */ + stopprofclock(p); + /* close files on exec */ fdcloseexec(p); Eivind.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:58:24 PDT