Date: Tue, 22 Jul 1997 09:34:41 -0600 (MDT) From: Nate Williams <nate@mt.sri.com> To: Andreas Klemm <andreas@klemm.gtn.com> Cc: Jaye Mathisen <mrcpu@cdsnet.net>, Terry Lambert <terry@lambert.org>, sthaug@nethelp.no, hackers@freebsd.org Subject: Re: sendmail complains about being unable to write his pid file Message-ID: <199707221534.JAA05427@rocky.mt.sri.com> In-Reply-To: <19970722074150.52808@gtn.com> References: <199707212106.OAA11898@phaeton.artisoft.com> <Pine.NEB.3.95.970721151455.28740J-100000@mail.cdsnet.net> <19970722074150.52808@gtn.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Well, just to throw in my 2 bits, I don't really care who owns it, because > > if root is compromised, who gives a flying leap about files being bin.bin, > > your system is still open. > > Ok, true, but we don't speak about an already compromised server machine, > we speak about a server machine, that might be less compromised, by > giving the files other permissions. If you export files 'rw', you're machine can be compromised by any machine that has access to the packets. You're fooling yourself if you believe otherwise. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707221534.JAA05427>