Date: Wed, 8 May 1996 18:43:45 -0700 (PDT) From: Jim Dennis <jimd@mistery.mcafee.com> To: tomhavbe@martin.luther.edu (Benjamin Tomhave) Cc: questions@FreeBSD.ORG Subject: Re: Finally! Message-ID: <199605090143.SAA13086@mistery.mcafee.com> In-Reply-To: <Pine.HPP.3.92.960508161825.10682A-100000@martin.luther.edu> from "Benjamin Tomhave" at May 8, 96 04:20:23 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Ok. I did the following and now everything is back to normal: > > $ chown -R root /usr > $ reboot You might still have lost some info (some files that might have been SUID 'news' or whatever might now be erroneously (and dangerously) SUID root. I'd consider a full OS re-install if this machine is of any financial importance to you (or at least a compare against backups -- with some isolated changes). This underscores my desire to have tripwire (or it's equivalent) as part of the basic OS distribution (especially on CD-ROM -- the ideal medium to hold the base -- distribution checksum database). A full 'find / | xargs md5sum' listing would be very welcome (with some scripts to compare the live system against the ROM version -- and to created updated subsets). If I steal some cyles to write, and test those scripts myself I'll post them. > > I also had to go into /usr/home and chown -everybody- back to having > ownership on their own account home directories. However, that was it. > > Thanks everybody for your help!! I would certainly like to know -how- > this happened, but I don't really have the time to study it. If you have > any questions, I'll do my best to answer them, but that's all I can > promise. This is why I make it a habit to use Linux 'chattr +i' (and the FreeBSD 'chflags schg' since I learned of it) on all my libs, bins, and system files (except for /etc for which I make tar.gz'd backups of "dist" and "configured" to protect myself from the errant '<cmd> -R' typo. All it takes is an extra space example: myhost% pwd /home/foo myhost% chown -R whoever.whichever / home/foo and you are toast (or reaching for those system backups and screaming about several hours of downtime). Immutable is your friend against side effects. (It can be inconvenient when doing a lot of upgrades -- but I actually like to see what *really* needs to change to install new stuff) > > Thanks again for all your help!! > -ben
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605090143.SAA13086>