Yesterday really serious security bug was found in FreeBSD (from 7.1 to 8.0). Using public exploit local user can gain root privileges on vulnerable system. Below is an easy way solution to fix this terrible bug:
% cd /usr/src/libexec/rtld-elf/
% fetch http://people.freebsd.org/~cperciva/rtld.patch
% cat rtld.patch | patch -p1
% make && make install && make clean
Thanks to soko1 from truebsd.org.
this patch is entended to work on freebsd 7.1 ?
Here’s my output:
Hmm… Looks like a unified diff to me…
The text leading up to this was:
————————–
|Index: rtld.c
|===================================================================
|— rtld.c (revision 199977)
|+++ rtld.c (working copy)
————————–
Patching file rtld.c using Plan A…
Hunk #1 failed at 366.
1 out of 1 hunks failed–saving rejects to rtld.c.rej
done
I’ve looked in the rtld.c and the line 366 don’t match.. is there another version ?