[Mongrel] Attention FreeBSD Gurus
snacktime at gmail.com
Fri Jan 26 01:56:25 EST 2007
On 1/26/07, Zed A. Shaw <zedshaw at zedshaw.com> wrote:
> I'd like to know the following from the FreeBSD crew:
> 1) Are there any potential malicious potentials to this? I don't assume any intent, but would like to know if I need to rush out a fix if there's a hackable problem with this (even theoretical).
Only if there is some way to change the arguments to sysctl, and then
only if you are root. As far as I know most of the kernel states
are readable via sysctl by any user.
> 2) What would be the un-ghetto way to do this same check?
There probably isn't one, as several of the freebsd rc scripts do
basically the same thing.
More information about the Mongrel-users