Den 02/10/2012 kl. 23.44 skrev Xin Li <[email protected]>: > On 10/02/12 07:45, Eitan Adler wrote: >> On 2 October 2012 08:38, Erik Cederstrand <[email protected]> >> wrote: >>> Den 01/10/2012 kl. 13.55 skrev Eitan Adler >>> <[email protected]>: >>>=20 >>>> On 1 October 2012 07:08, Konstantin Belousov >>>> <[email protected]> wrote: >>>>> I do not believe in the dreadful 'flood ping' security >>>>> breach. Is a local escalation possible with non-dropped root >>>>> ? >>>>=20 >>>> It is clearly a local escalation: a non-root user can do >>>> something which was intended only for root. It is a different >>>> question how serious the breach is. >>>=20 >>> Are there any objections to the path I attached in my first post? >>> To the approach in general? If not, I'll send a PR so it doesn't >>> get lost. >> Not by me. Please cc me on the PR as I'll commit if no one else >> objects. >=20 > It doesn't seem hurt in general but if you are going to commit it > please also change the other instances in the base system. I'll do my best. There are around 200 of these in base, but some are the = result of macro expansion so it may not be too bad. Erik= _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"