Return to BSD News archive
Path: sserve!newshost.anu.edu.au!munnari.oz.au!bunyip.cc.uq.oz.au!harbinger.cc.monash.edu.au!yeshua.marcam.com!usc!howland.reston.ans.net!EU.net!sun4nl!tuegate.tue.nl!news.win.tue.nl!wzv.win.tue.nl!gvr.win.tue.nl!guido From: guido@gvr.win.tue.nl (Guido van Rooij) Newsgroups: comp.os.386bsd.bugs Subject: Re: cron..again..fix it already :) Date: 22 Jan 1994 13:42:12 GMT Organization: Eindhoven University of Technology, The Netherlands Lines: 25 Message-ID: <2hrafk$c5o@wzv.win.tue.nl> References: <2hpvvuINNf8u@dds.hacktic.nl> NNTP-Posting-Host: gvr.win.tue.nl cor@dds.hacktic.nl (Cor Bosman) writes: >I was amazed to see that at least one of the _extremely_ trivial >ways to get root on a *bsd machine still works on FreeBSD. >A friend of mine just installed the current version, and >just for the hell of it I tried it..and it still works.. >Maintainers of freebsd..please update the vixiecron that comes >with it..its a very big security risk. I believe Vixie made a >newer, somewhat more secure version. >Cor... It will be commited either tonight or tomorrow by me. The reason for me to wait was because we needed to commit another bug fix in order for the new cron to be commited. And of course time. All I can say about the old version is: don't use it. >-- >test123 -Guido -- Guido van Rooij | Internet: guido@gvr.win.tue.nl Bisschopsmolen 16 | Phone: ++31.40.461433 5612 DS Eindhoven | ((12+144+20)+3*sqrt(4))/7 The Netherlands | +(5*11)=9^2+0