Patch-ID# 100909-03
Keywords: security, dump, in.comsat, in.talkd, shutdown, syslogd, write, 4.1.x 
Synopsis: SunOS 4.1.1;4.1.2;4.1.3: Security update for syslogd.  
Date: Aug/08/94

Solaris Release: 1.1 

SunOS Release: 4.1.3C 4.1.3 4.1.2 4.1.1

Unbundled Product: 

Unbundled Release: 

Relevant Architectures: sun3 sun3x sun4 sun4c sun4m

BugId's fixed with this patch: 1133861 1109291

Changes incorporated in this version: 1133861

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 100272(-07+) 100593(-03+) 101480 101481 101482

Obsoleted by: 4.1.3_U1

Files included with this patch: syslogd

Problem Description: 

   (Patch 100909-03 is a merely a repackaging of 100909-02 to make the patch
   smaller and simpler.  There is no change in functionality.)

   1133861 (Patch 100909-02) Syslog, as originally shipped, could be
           exploited in an obscure way to gain root access.

   1109291 (Patch 100909-01) When syslog messages show up and these messages
           are similar from various machines, they get confusing because one
           is not sure which machine sent the message.

Patch Installation Instructions: 

   1) Login as root.

   2) Make a backup copy of the old file (if you have installed the original
      patch, you may wish to save under another name):
	mv /usr/etc/syslogd /usr/etc/syslogd.fcs

   3) Change the permissions on the saved file to prevent its execution:
	chmod 400 /usr/etc/syslogd.fcs

   4) Copy in the patched file:
	cp `arch`/`uname -r`/syslogd /usr/etc/syslogd

   5) Set ownership & permissions:
	chown root /usr/etc/syslogd
	chgrp staff /usr/etc/syslogd
	chmod 755 /usr/etc/syslogd
