OT FYI FreeBSD
Howie
howiewz at beonthenet.com
Wed Apr 6 08:46:28 PDT 2005
Just a heads up.
I know that some of you are using FreeBSD and I just received the following
from my web hosting company:
FreeBSD VPS2/MPS2
A local user could create a large file and truncate it while
transferring it to himself, thus obtaining a copy of portions of system
memory to which he would normally not have access. Such memory
might contain sensitive information, such as portions of the file cache
or terminal buffers. This information might be directly useful, or
it might be leveraged to obtain elevated privileges in some way.
For example, a terminal buffer might include a user-entered
password.
There is a patch which they are going to apply but I don't know what it is.
Howie
More information about the Filepro-list
mailing list