From owner-doc-jp@jp.freebsd.org  Sat Mar 25 10:40:08 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id KAA65052;
	Sat, 25 Mar 2000 10:40:08 +0900 (JST)
	(envelope-from owner-doc-jp@jp.FreeBSD.org)
Received: from smtp04.246.ne.jp (smtp04.246.ne.jp [210.253.192.38])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with SMTP id KAA65047
	for <doc-jp@jp.freebsd.org>; Sat, 25 Mar 2000 10:40:07 +0900 (JST)
	(envelope-from y-koga@jp.FreeBSD.org)
Received: (qmail 13895 invoked by alias); 25 Mar 2000 10:40:01 +0900
Message-ID: <20000325014001.13893.qmail@smtp.246.ne.jp>
Received: (qmail 13876 invoked from network); 25 Mar 2000 10:40:00 +0900
Received: from tp4hr152.246.ne.jp (HELO localhost) (210.253.193.152)
  by smtp.246.ne.jp with SMTP; 25 Mar 2000 10:40:00 +0900
To: doc-jp@jp.freebsd.org
In-Reply-To: <200003231425.XAA19163@mail.geocities.co.jp>
References: <20000315173626.120F537C0AF@hub.freebsd.org>
	<200003231425.XAA19163@mail.geocities.co.jp>
X-Mailer: Mew version 1.94.2 on Emacs 19.28 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Sat, 25 Mar 2000 10:40:01 +0900
From: Koga Youichirou <y-koga@jp.freebsd.org>
X-Dispatcher: imput version 20000228(IM140)
Reply-To: doc-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: doc-jp 7218
Subject: [doc-jp 7218] Re: ANNOUNCE: FreeBSD Security Advisory:
 FreeBSD-SA-00:09.mtr
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org
X-Originator: y-koga@jp.freebsd.org

Hiroki Sato <hrs@geocities.co.jp>:
>  SA-00:09.mtr $B$NF|K\8lLu$G$9!#(B

$B$Q$A$Q$A$Q$A!y(B

> =============================================================================
> FreeBSD-SA-00:09                                           Security Advisory
>                                                                 FreeBSD, Inc.
$B!D(B $B$5$/$C$HN,(B $B!D(B
> II.  $BLdBj$N>\:Y(B - Problem Description
$B!D(B $B$5$/$C$HN,(B $B!D(B
> it is part of the FreeBSD ports collection, which contains over 3100
> third-party applications in a ready-to-install format.
> $B$=$l$i$O!"(B3100 $B$rD6$($k%5!<%I%Q!<%F%#@=$N%"%W%j%1!<%7%g%s$,(B
> $B$9$0$K%$%s%9%H!<%k$G$-$k7A$G<}$a$i$l$F$$$k(B
> FreeBSD Ports Collection $B$N0lIt$G$9!#(B

it $B$J$N$G!V$=$l$i!W$8$c$J$$$G$9$h$M!#(B

> III. $B1F6AHO0O(B - Impact
> 
> A local user can exploit the security hole to obtain root privileges.
> 
> $B%m!<%+%k%f!<%6$O!"$3$N%;%-%e%j%F%#%[!<%k$r(B exploit $B$9$k$3$H$G(B
> $B%m!<%+%k%7%9%F%`$N(B root $B8"8B$rF@$k$3$H$,$G$-$^$9!#(B

$B$3$l$b(B exploit $BLu=P$7$^$7$g$&!#(B

$B!t;XE&$7K:$l$^$7$?$,!"(BMH $B$N$G$b$"$j$^$9$M!#(B

> IV.  $BBP1~:v(B - Workaround
> 
> 1) Remove the mtr port if you have installed it.
> 1) mtr $B$N(B port $B$,%$%s%9%H!<%k$5$l$F$$$k>l9g$K$O!"(B
>    $B$=$l$r:o=|$7$F2<$5$$!#(B

$B!V2<$5$$!W"*!V$/$@$5$$!W(B
$B0J2<F1MM!#(B
----
$B$3$,$h$&$$$A$m$&(B
