26th Sep 2002 [SBWID-5036]
COMMAND
	Race condition between debug hook and exec  setuid  may  lead  to  local
	root
SYSTEMS AFFECTED
	 All released versions of FreeBSD 4.x prior to 4.5-RELEASE
	 FreeBSD 4.4-STABLE prior to the correction date
PROBLEM
	Logan  Gabriel,  Robert  Watson  and  Dag-Erling  Smørgrav  reported  in
	FreeBSD advisory FreeBSD-SA-02:08:
	When a process is started from a set-user-ID or set-group-ID binary,  it
	is marked so that attempts to attach to it with  debugging  hooks  fail.
	To allow such attachments would allow a user to subvert the process  and
	gain elevated privileges.
	A race condition exists in the FreeBSD exec system call  implementation.
	It is possible for a user to attach a debugger to a process while it  is
	exec'ing, but before the kernel  has  determined  that  the  process  is
	set-user-ID or set-group-ID.
SOLUTION
	Download the relevant patch from the following location:
	
	[FreeBSD 4.4-STABLE, or RELENG_4_3 and RELENG_4_4 security branches]
	ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:08/exec.patch
	ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:08/exec.patch.asc
	[FreeBSD 4.3-RELEASE only]
	ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:08/exec-43R.patch
	ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:08/exec-43R.patch.asc
	
