[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] gmon.out a security issue?
- Subject: Re: [cobalt-developers] gmon.out a security issue?
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Tue Apr 2 10:34:31 2002
- Organization: nobaloney.net
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Steve Werby wrote:
> "Jeff Lasman" <jblists@xxxxxxxxxxxxx> wrote:
> > Does this mean that the site-owner is actually compiling something on
> > the machine? Seems impossible; they don't have root access.
>
> Root access isn't needed to compile a program. Shell access isn't even
> required. The "impossible" is very much possible and trivial to do. <g>
Once again my brain got ahead of my fingers. What I should have said is
"Does this mean that the site-owner is actually compiling something on
the machine as root?"
Is it poossible for the gmon.out to be owned by root if the compilation
wasn't done as root? Somehow I don't think so.
> Absolutely. Based on what you've shared I haven't ruled that out. Based on
> feedback from others I don't think that's the case, but it's certainly a
> possibility.
Thanks for your input. I've advised the owner of the system that he
should look through his client's site and look for compiled programs,
and perhaps even go so far as to ask the client if s/he was compiling
anything.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484