Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Jonathan Peterson
Now imagine a big field, with a treasure chest in the middle of it - this is your security. Now, imagine the chest is buried in the field, and no-one saw me bury it. This is my security. Snip enormous security through obscurity tirade However, after playing Baldurs Gate 2

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Greg McCarroll
* Jonathan Peterson ([EMAIL PROTECTED]) wrote: Now imagine a big field, with a treasure chest in the middle of it - this is your security. Now, imagine the chest is buried in the field, and no-one saw me bury it. This is my security. Snip enormous security through

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Piers Cawley
Jonathan Peterson [EMAIL PROTECTED] writes: Now imagine a big field, with a treasure chest in the middle of it - this is your security. Now, imagine the chest is buried in the field, and no-one saw me bury it. This is my security. Snip enormous security through

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Mark Fowler
On Mon, 18 Jun 2001, Jonathan Peterson wrote: However, after playing Baldurs Gate 2 all weekend, I'm obliged to say that really if you have a priceless artifact that you don't want found, the trick is to give to a peasant, because no adventurer is going to go round killing every peasant in

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Lucy McWilliam
On Mon, 18 Jun 2001, Mark Fowler wrote: On Mon, 18 Jun 2001, Jonathan Peterson wrote: However, after playing Baldurs Gate 2 all weekend, I'm obliged to say that really if you have a priceless artifact that you don't want found, the trick is to give to a peasant, because no adventurer is

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Lucy McWilliam
On Mon, 18 Jun 2001, Lucy McWilliam wrote: However, after playing Baldurs Gate 2 all weekend, I'm obliged to say that really if you have a priceless artifact that you don't want found, the trick is to give to a peasant, because no adventurer is going to go round killing every

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Greg McCarroll
* Lucy McWilliam ([EMAIL PROTECTED]) wrote: I play Herod in a school play once. Go figure. Aargh...played. Maybe I should go and imbibe some of that caffeine stuff. For what its worth I saw nothing wrong with your original message. -- Greg McCarroll

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Niklas Nordebo
On Mon, Jun 18, 2001 at 09:38:44AM +0100, Jonathan Peterson wrote: However, after playing Baldurs Gate 2 all weekend, I'm obliged to say that really if you have a priceless artifact that you don't want found, the trick is to give to a peasant, because no adventurer is going to go round

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Greg McCarroll
* Niklas Nordebo ([EMAIL PROTECTED]) wrote: On Mon, Jun 18, 2001 at 09:38:44AM +0100, Jonathan Peterson wrote: However, after playing Baldurs Gate 2 all weekend, I'm obliged to say that really if you have a priceless artifact that you don't want found, the trick is to give to a peasant,

Re: (Open|Net)BSD local root exploit

2001-06-18 Thread Greg McCarroll
* Niklas Nordebo ([EMAIL PROTECTED]) wrote: On Mon, Jun 18, 2001 at 06:11:39PM +0100, Greg McCarroll wrote: you know that game far to well! ;-) Probalby. While we're on the subject of computer games I recently found Civilization: Call to power on sale at HMV. Since I didn't like Civ 2

Re: (Open|Net)BSD local root exploit

2001-06-17 Thread Chris Devers
On Sat, 16 Jun 2001, David Cantrell wrote: As there's plenty of BSDers here, and I expect that at least some of you don't subscribe to Bugtraq and friends ... http://www.securityfocus.com/vdb/?id=2873 Does this count as the end of [Net?]BSD's $years of having no exploits? -- Chris

Re: (Open|Net)BSD local root exploit

2001-06-17 Thread Niklas Nordebo
On Sun, Jun 17, 2001 at 10:46:21AM -0400, Chris Devers wrote: Does this count as the end of [Net?]BSD's $years of having no exploits? OpenBSD still claims 4 years without a remote hole in the default install. ISTR they had a couple of years without a local hole too, but that they found some

(Open|Net)BSD local root exploit

2001-06-16 Thread David Cantrell
As there's plenty of BSDers here, and I expect that at least some of you don't subscribe to Bugtraq and friends ... http://www.securityfocus.com/vdb/?id=2873 -- David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david/ Good advice is always certain to be ignored, but

Re: (Open|Net)BSD local root exploit

2001-06-16 Thread Greg McCarroll
* David Cantrell ([EMAIL PROTECTED]) wrote: As there's plenty of BSDers here, and I expect that at least some of you don't subscribe to Bugtraq and friends ... http://www.securityfocus.com/vdb/?id=2873 Yeah but its a local exploit, so it ain't that bad. I'm generally of the opinion

Re: (Open|Net)BSD local root exploit

2001-06-16 Thread David Cantrell
On Sat, Jun 16, 2001 at 08:58:02PM +0100, Greg McCarroll wrote: ... ADD discussion on the horizon ... So, anyone else up for some swords n' sorcery malarkey? -- David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david/ Good advice is always certain to be ignored,