Quick fix of FreeBSD rtld vulnerability

Yesterday a really serious security bug was found in FreeBSD (from 7.1 to 8.0). Using a public exploit, a local user can gain root privileges on a vulnerable system. Below is an easy way to fix this terrible bug:

% cd /usr/src/libexec/rtld-elf/
% fetch http://people.freebsd.org/~cperciva/rtld.patch
% cat rtld.patch | patch -p1
% make && make install && make clean

Thanks to soko1 from truebsd.org.
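
Nothing in the commands above stops `make && make install` from running when `patch` rejects a hunk, in which case the unpatched rtld is rebuilt and reinstalled. As an added example (not part of the original post), the wrapper below dry-runs the patch and only reports success when every hunk applies. The function names and `PATCH_CHECK_FLAG` are hypothetical, and the `--dry-run` spelling is an assumption about the installed patch(1).

```shell
#!/bin/sh
# Added example (not from the original post): apply a source patch only if
# every hunk applies, so a rejected patch never leads to a rebuild of
# unpatched code.
# Assumption: check mode is spelled --dry-run (GNU patch, current FreeBSD
# patch); older BSD patch(1) uses -C. Override PATCH_CHECK_FLAG if needed.
PATCH_CHECK_FLAG="${PATCH_CHECK_FLAG:---dry-run}"

# would_apply PATCHFILE SRCDIR STRIP [extra patch flags]
# Dry run: succeeds or fails without touching the tree or writing .rej files.
would_apply() {
    wa_patch=$1; wa_dir=$2; wa_strip=$3; shift 3
    patch -d "$wa_dir" -p"$wa_strip" -f "$PATCH_CHECK_FLAG" "$@" \
        < "$wa_patch" >/dev/null 2>&1
}

# apply_checked PATCHFILE SRCDIR STRIP
# Returns 0 = applied now, 2 = already applied, 1 = does not match this tree.
apply_checked() {
    if would_apply "$1" "$2" "$3"; then
        patch -d "$2" -p"$3" -f < "$1" >/dev/null || return 1
        return 0
    fi
    # A clean reverse dry run means the fix is already in the sources.
    if would_apply "$1" "$2" "$3" -R; then
        echo "patch already applied in $2" >&2
        return 2
    fi
    echo "patch does not match sources in $2; nothing changed, do not rebuild" >&2
    return 1
}

# Usage with the post's paths and strip level:
#   cd /usr/src/libexec/rtld-elf && apply_checked rtld.patch . 1 \
#       && make && make install && make clean
```

A return code of 1 means the patch does not match this source tree; the tree is left untouched and no `.rej` file is written.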

 
 

1 Response to “Quick fix of FreeBSD rtld vulnerability”


  1. Arsenick

    Is this patch intended to work on FreeBSD 7.1?

    Here's my output:

    Hmm... Looks like a unified diff to me...
    The text leading up to this was:
    --------------------------
    |Index: rtld.c
    |===================================================================
    |--- rtld.c (revision 199977)
    |+++ rtld.c (working copy)
    --------------------------
    Patching file rtld.c using Plan A...
    Hunk #1 failed at 366.
    1 out of 1 hunks failed--saving rejects to rtld.c.rej
    done

    I've looked in rtld.c and line 366 doesn't match. Is there another version?





Who is behind Linux Screw?

My name is Artem N. (artiomix AT gmail DOT com) and I'm a Linux/Unix, Cisco systems engineer. The main idea of Linux Screw is to share relevant knowledge, skills and observations over the Web. Here you can find a lot of information related to different Linux distributions, FreeBSD, IOS, as well as other Open Source related stuff.