NetBSD

Commit Graph

Author	SHA1	Message	Date
cgd	a128c34f9c	From: Guido van Rooij <guido@gvr.win.tue.nl> when mmapping a file, permissions are checked as it should be. When mprotect()-ing the address range afterwards, no protection was checked regarding the protection of the file originally opened. So when you open /usr/bin/su RDONLY and SHARED you could afterwards change the mmapped region to READ\|WRITE. This gave the possibility to obtain root privs obviously.	1993-04-09 17:16:30 +00:00
cgd	61f282557f	initial import of 386bsd-0.1 sources	1993-03-21 09:45:37 +00:00

Author

SHA1

Message

Date

cgd

a128c34f9c

From: Guido van Rooij <guido@gvr.win.tue.nl>

when mmapping a file, permissions are checked as it should be. When
mprotect()-ing the address range afterwards, no protection was checked
regarding the protection of the file originally opened. So
when you open /usr/bin/su RDONLY and SHARED you could afterwards change
the mmapped region to READ|WRITE. This gave the possibility to obtain
root privs obviously.

1993-04-09 17:16:30 +00:00

cgd

61f282557f

initial import of 386bsd-0.1 sources

1993-03-21 09:45:37 +00:00

1 2

52 Commits