Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!lucy.swin.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!howland.erols.net!newsxfer3.itd.umich.edu!agate!theos.com!deraadt From: deraadt@theos.com (Theo de Raadt) Newsgroups: comp.os.linux.advocacy,comp.unix.bsd.misc,comp.os.linux.misc Subject: Re: Linux vs BSD Date: 07 Feb 1997 14:35:45 GMT Organization: Theo Ports Kernels For Fun And Profit Lines: 19 Message-ID: <DERAADT.97Feb7073546@zeus.theos.com> References: <32DFFEAB.7704@usa.net> <KETIL-ytqiv47v56j.fsf@pinro.imr.no> <5daavp$8lp@panix2.panix.com> <KETIL-ytqbu9yfheu.fsf@imr.no> <5dfcpj$t45@agate.berkeley.edu> NNTP-Posting-Host: zeus.theos.com In-reply-to: nickkral@cal.alumni.berkeley.edu's message of 7 Feb 1997 14:04:35 GMT Xref: euryale.cc.adfa.oz.au comp.os.linux.advocacy:82823 comp.unix.bsd.misc:2368 comp.os.linux.misc:156837 In article <5dfcpj$t45@agate.berkeley.edu> nickkral@cal.alumni.berkeley.edu (Nick Kralevich) writes: I'm suprised that no one has mentioned that all current FreeBSD releases have a bug that allows ANY suid program to be used to gain root access. Please don't extrapolate this towards the other BSD systems, though ;) Actually, BSD code was far from perfect. No code ever is. Except perhaps /usr/bin/true. Or the fact that FreeBSD security holes aren't even posted to the FreeBSD newsgroup. Or that the bug was reported in many public places more than a week ago by Thomas Ptacek. But I can see how absolutely harrowing this discovery must be to the FreeBSD developers. -- This space not left unintentionally unblank. deraadt@theos.com www.OpenBSD.org -- We're fixing security problems so you can sleep at night.