From nobody@FreeBSD.org  Wed Dec 31 20:49:53 2003
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5F5C416A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 31 Dec 2003 20:49:53 -0800 (PST)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A76EE43D3F
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 31 Dec 2003 20:49:52 -0800 (PST)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.10/8.12.10) with ESMTP id i014nqdL051969
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 31 Dec 2003 20:49:52 -0800 (PST)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.10/8.12.10/Submit) id i014nq4K051968;
	Wed, 31 Dec 2003 20:49:52 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200401010449.i014nq4K051968@www.freebsd.org>
Date: Wed, 31 Dec 2003 20:49:52 -0800 (PST)
From: Lucas <aspiesrule@mcleodusa.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: chastise: security hole?
X-Send-Pr-Version: www-2.0

>Number:         60780
>Category:       misc
>Synopsis:       chastise: security hole?
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Dec 31 20:50:18 PST 2003
>Closed-Date:    Thu Jan 01 08:06:59 PST 2004
>Last-Modified:  Thu Jan 01 08:06:59 PST 2004
>Originator:     Lucas
>Release:        N/A
>Organization:
N/A
>Environment:
N/A
>Description:
      Chastise, if called from within an infinite loop, could cause a user's home to be destroyed.  This could possibly be exploited by a malicious user.
>How-To-Repeat:
      Will be posted in a follow-up (hopefully).
>Fix:
      Fix is not known at this time
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: ceri 
State-Changed-When: Thu Jan 1 08:04:16 PST 2004 
State-Changed-Why:  
This PR does not contain nearly enough information to be of any use. 
For instance, what is "chastise"? 
Once that has been answered, it would be a good idea to submit 
information on how to repeat the bug with the initial PR submission - 
otherwise the PR is simply a statement that some unknown program may 
cause an unknown security hole if used in an unspecified way. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60780 
>Unformatted:
