December 2, 2009 at 15:41Fix a critical vulnerability on FreeBSD in 4 steps
Probably many have heard about a very serious vulnerability in FreeBSD (from 7.1 to 8.0) that allows root access from a regular user (locally).
I will not post links to the exploit in order to have less pests, but the exploit has just personally checked and made sure that it works.
I don’t have much desire to wait for corrections to be included in the cvs / svn tree, and the system again does not really pull the whole system again. Therefore, I bring to your attention a simpler, but equally effective way to fix the problem in four lines: All the best!
I will not post links to the exploit in order to have less pests, but the exploit has just personally checked and made sure that it works.
I don’t have much desire to wait for corrections to be included in the cvs / svn tree, and the system again does not really pull the whole system again. Therefore, I bring to your attention a simpler, but equally effective way to fix the problem in four lines: All the best!
% cd /usr/src/libexec/rtld-elf/
% fetch http://people.freebsd.org/~cperciva/rtld.patch
% cat rtld.patch | patch -p1
% make && make install && make clean