Patch-ID# 101200-03
Keywords: security modload ld
Synopsis: SunOS 4.1.3: Breach of security using modload
Date: Sep/27/94

Solaris Release: 1.1
 
SunOS release: 4.1.3, 4.1.3C

Unbundled Product: 

Unbundled Release:

Topic: kernel security can be breached by setuid programs using modload 
 
BugId's fixed with this patch: 1137491 1168752

Changes incorporated in this version: 1168752

Architectures for which this patch is available: sparc

Patches which may conflict with this patch:

Obsoleted by: 

Problem Description: 


BUG ID 1168752:
	modload from patch 101200 does not work on all platforms.

BUG ID 1137491:
	There seems to a bug in the program /usr/etc/modload in sunos 4.1.3
	This is brought to light by using the program
	/usr/openwin/bin/loadmodule.
	loadmodule is a suid root program - it calls modload as part of
	its operation.

INSTALL: 

As root:

Make a backup copy of the files to be installed:

mv /usr/kvm/modload	/usr/kvm/modload.orig

Now install the patched files:

cp 	`arch -k`/modload	/usr/kvm/modload
chmod	755		/usr/kvm/modload
