vulnerability in su?

Kris Kennaway kris at
Sun Nov 9 03:28:11 PST 2003

On Sat, Nov 08, 2003 at 08:23:25PM -0500, kirt wrote:

> is this a known issue?  i didn't search to hard for a fix or anything since i quickly 
> fixed it myself, but i thought that a situation like that could make for some interesting 
> (read *bad*) situations.

It's certainly possible to compromise your system in this way if you
incorrectly update your /etc (e.g. by making a mistake with mergemaster).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list