FreeBSD ゼロデイ
- Full Disclosure: ** FreeBSD local r00t zeroday
- The FreeBSD Project Security Advisory : Improper environment sanitization in rtld
- うぉ。。。FreeBSDゼロデイ。。。http://www.geekpage.jp/blog/?id=2009/12/1/1
- FreeBSD - local r00t zeroday の対策
早速対応する
バージョンの確認。
% uname -a FreeBSD freebsd.golfpartner.co.jp 7.2-RELEASE-p2 FreeBSD 7.2-RELEASE-p2 #0: Wed Jun 24 00:57:44 UTC 2009 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
FreeBSD をアップグレードする
# freebsd-update fetch Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 7.2-RELEASE from update5.FreeBSD.org... done. Fetching metadata index... done. Fetching 2 metadata patches.. done. Applying metadata patches... done. Fetching 2 metadata files... done. Inspecting system... done. Preparing to download files... done. Fetching 7 patches.... done. Applying patches... done. The following files will be updated as part of updating to 7.2-RELEASE-p5: /boot/kernel/kernel /boot/kernel/kernel.symbols /etc/mtree/BSD.var.dist /libexec/ld-elf.so.1 /usr/lib/libssl.a /usr/lib/libssl.so.5 /usr/sbin/freebsd-update /var/db/freebsd-update /root# freebsd-update install Installing updates... done.
そして、再起動をする。
# shutdown -r now
再起動後、バージョンを確認する
% uname -a FreeBSD freebsd.golfpartner.co.jp 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #0: Fri Oct 2 12:21:39 UTC 2009 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386