Date: Sat, 22 Sep 2001 16:20:18 -0700 From: "Kory Hamzeh" <kory@avatar.com> To: <freebsd-questions@freebsd.org> Subject: daily security ceck - setuid diffs Message-ID: <002101c143bd$24564cc0$14ce21c7@avatar.com>
next in thread | raw e-mail | index | archive | help
I moved a server from one hardware (PC) to another. I did this by installing a basic RELEASE-4.3 on the target machine (the source was also running RELEASE-4.3). I did a full level 0 dump of all of the filesystems of the source machine and did a full restore to the target machine. Everything work flawlessly, of course I did change the name and IP of the source machine. The target machine came up just fine. However, the next day in the daily security check e-mail, I receive a bunch of these warning: ns2.avatar.com setuid diffs: 1,86c1,86 < 95239 -r-xr-sr-x 1 root operator 56892 Apr 21 02:05:46 2001 /bin/df < 95252 -r-sr-xr-x 1 root wheel 317400 Apr 21 02:13:35 2001 /bin/rcp < 269831 -r-xr-sr-x 1 root kmem 62792 Apr 21 02:08:02 2001 /sbin/ccdconfig I think these means that the dates of programs that have the setuid bit set has changed since the last check. This is to be expected and I think this is not something to worry about. Am I correct in my thinking? Thanks, Kory To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002101c143bd$24564cc0$14ce21c7>