[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD on BUGTRAQ again.



In addition!  You can also compile it out -- I believe anyway.  So the
exploit isn't very exciting.

On Mon, Nov 06, 2000 at 09:33:05AM +0000, John Wright wrote:
> I've never replied to a BUGTRAQ posting before so I'm mentioning what I was
> going to say on here instead.
> 
> The posting/exploit says that it will drop OpenBSD to the ddb debugger and
> that an attacker must have console access (we all know about that).  By
> default this is enabled but can be disabled with the ddb.panic sysctl
> option which means the system will reboot instead.
> 
> Check /etc/sysctl.conf for ddb.panic.
> 
> So... er, there.
>