
Re: [cobalt-developers] Backups - Newbie



Arthur Corliss wrote:
 
> On Tue, 15 Aug 2000, H.P. Stroebel wrote:

> ;-)  You're more paranoid than I am.  First of all, '.' should never be in
> your path to begin with, and second of all, if the rest of your path (which
> typically will be only the /bin:/usr/bin:/usr/local/bin, etc.) has been
> compromised, it usually takes root powers to do so.  So, the trojan will *be*
> /bin/su, and you've gained nothing.

definitely not correct.

most common are self-deleting su-trojans. it gives you a "password
incorrect" error while saving the password, and then it deletes itself.
so you have the impression of a mistyping; when you call it again, you
reach the original su.

trojaned su's instead of the original should not be so common, as they
would be easier to detect, due to lack of functionality or different
checksums (even if there are certain "patches" for tripwire etc.)

btw.: i AM paranoid, but even little things are important.

-- 

H. P.  Stroebel, Germany

CGI-FAQ for Raq-Newbies :
http://users.iol.it/hpstr/

A problem to some is a 'feature' to others.
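
The PATH conditions this thread argues about ('.' or other relative entries, directories writable without root, and a second `su` ahead of the real one) can be checked mechanically. The script below is an added example, not part of the original message; the function name `audit_path` and its output labels are made up for illustration.

```shell
#!/bin/sh
# Added example: audit a PATH string for entries that let a planted binary
# run ahead of (or instead of) the real command, e.g. a fake `su`.
# audit_path PATH_STRING COMMAND -> one finding per line, nothing if clean.
audit_path() {
    path_string=$1
    cmd=$2
    first_hit=""
    # An empty entry (leading, trailing or doubled ':') means "current directory".
    case ":$path_string:" in
        *::*) echo "EMPTY_ENTRY: PATH contains an empty element (same as '.')" ;;
    esac
    old_ifs=$IFS
    IFS=:
    set -f                      # no globbing while splitting on ':'
    for dir in $path_string; do
        [ -n "$dir" ] || continue
        # Relative entries, including '.', resolve against whatever cwd is.
        case $dir in
            /*) ;;
            *) echo "RELATIVE: $dir" ;;
        esac
        [ -d "$dir" ] || continue
        # Group- or world-writable directories need no root to plant a file in.
        if [ -n "$(find "$dir" -prune \( -perm -0002 -o -perm -0020 \) -print)" ]; then
            echo "WRITABLE: $dir"
        fi
        # Record every executable named $cmd; the first one found is what runs.
        if [ -f "$dir/$cmd" ] && [ -x "$dir/$cmd" ]; then
            if [ -z "$first_hit" ]; then
                first_hit=$dir/$cmd
            else
                echo "DUPLICATE: $first_hit runs instead of $dir/$cmd"
            fi
        fi
    done
    set +f
    IFS=$old_ifs
    return 0
}

# Check the current environment for the command discussed in the thread.
audit_path "$PATH" su
```

On systems where `/bin` is a symlink to `/usr/bin`, a DUPLICATE line for those two directories refers to the same file and is expected. A self-deleting trojan leaves no file behind afterwards, so this check is useful before the fact, by removing the PATH entries that would let one run.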