From owner-freebsd-security  Wed Feb 14 14:28:34 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id OAA19012
          for security-outgoing; Wed, 14 Feb 1996 14:28:34 -0800 (PST)
Received: from zip.io.org (root@zip.io.org [198.133.36.80])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id OAA19000
          for <freebsd-security@freebsd.org>; Wed, 14 Feb 1996 14:28:28 -0800 (PST)
Received: (from taob@localhost) by zip.io.org (8.6.12/8.6.12) id RAA02943; Wed, 14 Feb 1996 17:24:23 -0500
Date: Wed, 14 Feb 1996 17:24:23 -0500 (EST)
From: Brian Tao <taob@io.org>
To: Anthony Hill <ahill@interconnect.com.au>
cc: freebsd-security@freebsd.org
Subject: Re: User creating root-owned directories?
In-Reply-To: <Pine.BSI.3.91.960211222410.6611A-100000@tulpi.interconnect.com.au>
Message-ID: <Pine.BSF.3.91.960214171956.24170T-100000@zip.io.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
Precedence: bulk

On Sun, 11 Feb 1996, Anthony Hill wrote:
> 
> You might want to have a look at the "No you cant have root document" on 
> our "chief security bastard"s home page.

    What's the URL?

> If I suspect root has been compromised on my system, I do a complete 
> reinstall then recreate the user stuff from backups - you never know where 
> the little turds may have left a surprise for you.

    That would be ideal.  I have a couple more servers coming in
tomorrow, which will give me a chance to do a fresh install and
compare it to the existing ones.
--
Brian Tao (BT300, taob@io.org)
Systems Administrator, Internex Online Inc.
"Though this be madness, yet there is method in't"