Re: Root exploit for FreeBSD

From: Stacey Son <sson_at_FreeBSD.org>
Date: Fri, 11 Dec 2009 07:13:40 -0600
On Dec 10, 2009, at 8:41 AM, Anton Shterenlikht wrote:

>> From my information security manager:
> 
> 	FreeBSD isn't much used within the University (I understand) and has a
> 	(comparatively) poor security record. Most recently, for example:
> 
> 	http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html



From http://www.serverwatch.com/eur/article.php/3850401/FreeBSD-Shines-While-Apple-Fails.htm

> All software has bugs, but it's how people react when things go wrong that you can judge them. Did the FreeBSD folks sit around and do nothing? Did they busy themselves with other things and leave 8.0, 7.1 and 7.0 users vulnerable to pwnage? No, they did not! A matter of hours later Colin Percival, FreeBSD's security officer, made this announcement:
> 
> A short time ago a 'local root' exploit was posted to the full-disclosure mailing list; as the name suggests, this allows a local user to execute arbitrary code as root ... since exploit code is already widely available I want to make a patch available ASAP.
> And with that, he released said patch.
> 

So what OS does your information security manager run on his {desk,lap}top?

-stacey.
Received on Fri Dec 11 2009 - 13:16:17 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:59 UTC