Date: Tue, 28 Dec 1999 11:19:45 +0100 From: Brad Knowles <blk@skynet.be> To: freebsd-stable@FreeBSD.ORG Subject: Re: Huge differences in suid programs ? Message-ID: <v04220803b48e3ef952a1@[195.238.1.121]> In-Reply-To: <199912271656.RAA28357@dorifer.heim3.tu-clausthal.de> References: <199912271656.RAA28357@dorifer.heim3.tu-clausthal.de>
next in thread | previous in thread | raw e-mail | index | archive | help
At 5:56 PM +0100 1999/12/27, Oliver Fromme wrote: > Well, the daily security script just does an "ls -l" on all > suid/sgid binaries and diffs them with the previous listing. I understand that part. > Therefore it will regard all differences in the ls -l output > as "differences". This can be the ownership, time stamps, and > sizes of the files. I understand that part, too. > Even if the actual contents of the files > are the same, the time stamps are not the same (because they > indicate the time at which the files where created), so the > daily security script will regard them as "different". My question has nothing to do with the daily security script noticing that things are different. It has everything to do with why the binaries were replaced to begin with, if the contents of the binaries haven't changed. -- These are my opinions -- not to be taken as official Skynet policy ____________________________________________________________________ |o| Brad Knowles, <blk@skynet.be> Belgacom Skynet NV/SA |o| |o| Systems Architect, News & FTP Admin Rue Col. Bourg, 124 |o| |o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o| |o| http://www.skynet.be Belgium |o| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v04220803b48e3ef952a1>