Date: Thu, 11 May 2000 22:42:41 -0500
From: "Jeffrey J. Mountin" <jeff-ml@mountin.net>
To: stanislav shalunov <shalunov@att.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: envy.vuurwerk.nl daily run output
Message-ID: <4.3.2.20000511222552.00c38dd0@207.227.119.2>
In-Reply-To: <87snvo8ovq.fsf@sharik.worldnet.att.net>
References: <"Jeffrey J. Mountin"'s message of "Thu, 11 May 2000 20:10:41 -0500"> <20000509150609.L42267@vuurwerk.nl> <4.3.2.20000511192741.00c24ac0@207.227.119.2>

At 10:48 PM 5/11/00 -0400, stanislav shalunov wrote:
>"Jeffrey J. Mountin" <jeff-ml@mountin.net> writes:
>
> > You could always force the ownership of .ssh/ and any files under it
> > to root.
>
>But the owner of the home directory can just "mv .ssh ssh-forget-me".
>If the user already has an authorized_keys file, he'd probably notice.
>Otherwise, especially if he doesn't ssh out from that machine or it
>has a good known_hosts file it can go unnoticed.

Whoops, forgot to add the flag so that it could not be deleted or removed. <sigh>

>Or did you mean "...and check that ownership didn't change daily"?
>(They could move the directories around daily, too.)

No. Without the flags set, that would just create more work and do little for security.

Jeff Mountin - jeff@mountin.net
Systems/Network Administrator
FreeBSD - the power to serve