Date: Sun, 11 Feb 1996 22:47:30 +1100 (EST) From: Anthony Hill <ahill@interconnect.com.au> To: Brian Tao <taob@io.org> Cc: freebsd-security@freebsd.org Subject: Re: User creating root-owned directories? Message-ID: <Pine.BSI.3.91.960211222410.6611A-100000@tulpi.interconnect.com.au> In-Reply-To: <199602101945.MAA12583@terra.aros.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Lo and behold, Brian Tao once said: > > I'll perform a more detailed scan for setuid and setgid programs > > today then. A lot of our users run setuid CGI scripts (PHP tools, a > > Web page logging package)... the hacker may have named a setuid > > program after one of the PHP scripts to hide it from scrutiny. Letting users have setuid scripts is pretty deadly stuff - you might want to checkout sudo. If you must run setuid CGI scripts, the taint features in PERL are a real help. You might want to have a look at the "No you cant have root document" on our "chief security bastard"s home page. > > Probably a good time to compare MD5 signatures on the system binaries > > too... *sigh*. If I suspect root has been compromised on my system, I do a complete reinstall then recreate the user stuff from backups - you never know where the little turds may have left a surprise for you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.91.960211222410.6611A-100000>