tech-security: Re: [venglin@freebsd.lublin.pl: local root compromise in openbsd 3.0 and below]

Subject: Re: [venglin@freebsd.lublin.pl: local root compromise in openbsd 3.0 and below]
To: Jan Schaumann <jschauma@netbsd.org>
From: Herb Peyerl <hpeyerl@beer.org>
List: tech-security
Date: 04/11/2002 13:20:06

Jan Schaumann <jschauma@netbsd.org>  wrote:
 > I just can't believe that /usr/bin/mail on OpenBSD would not behave the
 > same way -- even linux's mail(1) does indicate that it only interprets ~
 > in interactive mode...

From memory, it wouldn't be the first time one of their audits had
created a hole.