ports/112754: VERY SERIOUS security bug in sysutils/eject
Cristian KLEIN
cristi at net.utcluj.ro
Wed Jul 18 12:10:08 UTC 2007
The following reply was made to PR ports/112754; it has been noted by GNATS.
From: Cristian KLEIN <cristi at net.utcluj.ro>
To: bug-followup at FreeBSD.org, ighighi at gmail.com
Cc:
Subject: Re: ports/112754: VERY SERIOUS security bug in sysutils/eject
Date: Wed, 18 Jul 2007 15:01:17 +0300
Besides the change suggested by the reporter, I would also recommend the
following pkg-message:
NOTE: This port is no longer installed with SETUID, because it allows
non-privileged users to unmount a filesystem. To enable your users to
eject the CD-ROM, install security/sudo and enter the following line in
/usr/local/etc/sudoers:
%users ALL=/usr/local/sbin/eject /dev/acd0
More information about the freebsd-ports-bugs
mailing list