===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.79
retrieving revision 1.80
diff -c -r1.79 -r1.80
*** www/errata.html 1998/02/19 22:03:22 1.79
--- www/errata.html 1998/02/21 00:42:37 1.80
***************
*** 65,77 ****
SECURITY FIX
! If you rely on the system securelevels as described in init(8), you
! will want this fix. A bug in the vm system permits a file descriptor
! opened read-only on a device, to later on be mmap(2)'d read-write, and
! then modified. This does not result in a security hole by itself, but
! it does violate the safety semantics which securelevels are supposed to
! provide. If a user manages to gain kmem group permissions, using this
! problem they can then gain root trivially.
A kernel patch is available which corrects this behaviour (this is
revision 2 of this patch).
--- 65,76 ----
SECURITY FIX
! A bug in the vm system permits a file descriptor opened read-only on a
! device, to later on be mmap(2)'d read-write, and then modified. This
! does not result in a security hole by itself, but it does violate the
! safety semantics which securelevels are supposed to provide. If a user
! manages to gain kmem group permissions, using this problem they can then
! gain root trivially and/or turn securelevels off.
A kernel patch is available which corrects this behaviour (this is
revision 2 of this patch).
***************
*** 254,260 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.79 1998/02/19 22:03:22 deraadt Exp $