Den 02/10/2012 kl. 23.44 skrev Xin Li <[email protected]>: > On 10/02/12 07:45, Eitan Adler wrote: >> On 2 October 2012 08:38, Erik Cederstrand <[email protected]> >> wrote: >>> Den 01/10/2012 kl. 13.55 skrev Eitan Adler >>> <[email protected]>: >>> >>>> On 1 October 2012 07:08, Konstantin Belousov >>>> <[email protected]> wrote: >>>>> I do not believe in the dreadful 'flood ping' security >>>>> breach. Is a local escalation possible with non-dropped root >>>>> ? >>>> >>>> It is clearly a local escalation: a non-root user can do >>>> something which was intended only for root. It is a different >>>> question how serious the breach is. >>> >>> Are there any objections to the path I attached in my first post? >>> To the approach in general? If not, I'll send a PR so it doesn't >>> get lost. >> Not by me. Please cc me on the PR as I'll commit if no one else >> objects. > > It doesn't seem hurt in general but if you are going to commit it > please also change the other instances in the base system.
I'll do my best. There are around 200 of these in base, but some are the result of macro expansion so it may not be too bad. Erik_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
