[Mongrel] Attention FreeBSD Gurus

snacktime snacktime at gmail.com
Fri Jan 26 01:56:25 EST 2007


On 1/26/07, Zed A. Shaw <zedshaw at zedshaw.com> wrote:

> I'd like to know the following from the FreeBSD crew:
>
> 1) Are there any potential malicious potentials to this?  I don't assume any intent, but would like to know if I need to rush out a fix if there's a hackable problem with this (even theoretical).

Only if there is some way to change the arguments to sysctl, and then
only if you are root.       As far as I know most of the kernel states
are readable via sysctl by any user.

> 2) What would be the un-ghetto way to do this same check?

There probably isn't one, as several of the freebsd rc scripts do
basically the same thing.

Chris


More information about the Mongrel-users mailing list