[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] security risk... is this normal?
- Subject: Re: [cobalt-users] security risk... is this normal?
- From: Dmitry Alexeyev <dmi_a@xxxxxxxxxx>
- Date: Mon Mar 1 10:37:04 2004
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> most of them are permissioned as 755 and owner root, group root.
> although most rpm installs as root should not rpm -e as another user,
> there are the potential for open permissioned folders and files to be
> removed if an unauthorized SSH/telnet enabled user were to attempt to
> run one/more of these files.... any thoughts?
Since it is not setuid, where do you see security risks?
Look into /etc/rc.d/init.d/* - they are all 755.
And there's no risk
rpm can only access to it's base being the root user normally...
> ps - I noticed that a third-party installation of phpMyAdmin from
> NuOnce was CORRECTLY set as 700 and root/root owner/group - thereby
> removing the possibility that a non-permissioned user could cause any
> problem.
rpm -qa gives you installed rpm list
rpm -e could delete any package.
Why setting it to 700? Well, someone may see what rpm package is it, and
so what?
On the other hand all Raq stuff is so 'modern', so anybody expierenced a
bit with a shell or php might get root in a couple of minutes on any
raq. It's really easy.
Restrict shell access!
Restrict PHP & CGI!
WBR,
Dmitry