similar to: rh62 suid files

This is yet-another reason to _partition_ your disks. Of course hard links do not work accross filesystems. Even thought it is a pain in the neck to do when installing your operating system, think about separating critical system files from non-critical and non-system files from system files. I would say that the following layout is a good place to start: / /usr (nosuid,nodev,ro) /usr/local

Hello all, Compiling 2.1.1p1 on my RedHat Linux 6.2 w/ 2.2.16 kernel seems to cause errors from the start.. ---- gcc -O2 -m486 -fno-strength-reduce -Wall -DETCDIR=\"/etc/ssh\" -DSSH_PROGRAM=\"/usr/bin/ssh\" -DSSH_ASKPASS_DEFAULT=\"/usr/libexec/ssh/ssh-askpass\" -DHAVE_CONFIG_H -c -o bsd-base64.o bsd-base64.c In file included from defines.h:261, from

I am running Redhat 6.1 as a firewall between a cable modem and my home network. Occasionally, I see messages such as these under /var/log/messages: Jan 17 13:38:16 saturn5 portmap[3726]: connect from 24.28.77.200 to dump(): request from unauthorized host Jan 18 14:00:34 saturn5 portmap[1544]: connect from 204.151.148.146 to dump(): request from unauthorized host My assumption is that the

I'm setting up a dedicated database server, and since this will be a central service to my various web servers I wanted it to be as secure as possible...so I am leaving SELinux enabled. However I'm having trouble getting Apache to use mod_auth_pam. I also now can't get setroubleshootd working to send me notifications of the denials and provide tips to solve the problem. The Apache

<pre>I have a machine with the follow specs.<br /><br />Linux hermes.business.com 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT 2005<br />i686 i686 i386 GNU/Linux<br /><br />pam-0.79-8<br />dovecot-0.99.14-4.fc4<br /><br />No one is able to receive e-mails due to authentication failures and yesterday afternoon<br />they were able to.<br

The last two times that i have cvsup-ed/built/installed world (first from 4.7-Rel to 4.8-Rc, then to 4.8-Rel), i have noticed that after the update is complete the newly installed suidperl binary has not the suid bit set and does not work until i manualy set it., and i just wonder if this is something normal, or i am doing something wrong? -- Cheers, Niki

Well after I tried it the ./configure on all machines ( 4 total) I ran a few other compiles of other programs and figured out what was missing. Evidently the RH62 kernel "forgets" to put a symlink from /usr/src/linux/include/asm-i386 --> asm. I put that in and presto ./configure creates the Makefile and I am compiling 2.0.7Pre2 as we speak. What keyed this was trying a kernel compile,

Hi, On CentOS 7.7.1908 I've got the following error message: unix_chkpwd[1026]: could not obtain user info (root) I dont' know why... There are no SELinux errors, and the permissions of relevant files are: ls -Z /etc/shadow /etc/passwd /usr/sbin/unix_chkpwd -rw-r--r--. root root system_u:object_r:passwd_file_t:s0 /etc/passwd ----------. root root system_u:object_r:shadow_t:s0

Dear All, I'm currently troubleshooting NetworkManger scripts. I see a difference in machine A : drwxr-xr-x 2 root root 4096 apr 24 16:33 . drwxr-xr-x 5 root root 4096 jan 9 12:13 .. -rwxr-xr-x 1 root root 175 jan 9 12:13 00-netreport -rwxr-xr-x 1 root root 335 okt 22 2012 04-iscsi -rwxr-xr-x 1 root root 345 jan 9 12:13 05-netfs -rwxr-xr-x 1 root root 926 sep 25 2012 10-dhclient

hi, I'm just recoginze that dovecot contains an rpm spec file. unfortunately it's not too useful since an rpm -ta dovecot-.x.y.tar.gz can't be used since just the dovecot.spec.in is in the tarbar and not the actual spec file (which is in this from not useful in the above form). anyway here is my patch to the spec.in. -- Levente "Si vis pacem

The attached patch adds an option --drop-suid which caused rsync to drop setuid/setgid permissions from the destination files. ie, even if the source file is setuid, the target file will not be. Added as we want to rsync the same files to machines both inside and outside our firewalls. For machines inside the firewall some files should be suid, for machines outside the firewalls they should

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:01.pty Security Advisory The FreeBSD Project Topic: pty snooping Category: core Module: libc_stdlib / libutil Announced: 2008-01-14

Of course, I wanted to say not OPTION but CHOICE :-) Peter Rosa ----- Original Message ----- From: "Peter Rosa" <prosa@pro.sk> To: <matthew@starbreaker.net> Cc: "FreeBSD Questions" <freebsd-questions@freebsd.org> Sent: Saturday, July 26, 2003 7:33 PM Subject: Re: suid bit files and securing FreeBSD > Hello Matthew, > > thank you very much.

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: kdelibs vulnerability for suid-root KDE applications Advisory ID: RHSA-2000:032-02 Issue date: 2000-06-07 Updated on: 2000-06-07 Product: Red Hat Powertools Keywords: N/A Cross references: N/A

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera Systems, Inc. Security Advisory Subject: kdelibs vulnerability for setuid KDE applications Advisory number: CSSA-2000-015.0 Issue date: 2000 June, 02 Cross reference: ______________________________________________________________________________ 1.

i had a small query , whant is the difference between stickybit SUID and SGID , is there any proper site where i can get a clear understanding . -- Regards Agnello D'souza -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100709/c7c22588/attachment.html>

I'm trying to set up a Samba mount point to a WinME computer so that a user can mount the file system. I'm getting the following error when I attempt the mount: $ mount /jan.fcwm.org/ smbmnt must be installed suid root for direct user mounts (500,500) smbmnt failed: 1 How do I install smbmnt suid root? Running Red Hat 7.2, and have the following rpms installed: $ rpm -qa | grep samba

Author: casper Repository: /hg/zfs-crypto/gate Revision: eda2f70f88e7ae03c995f668ced6bcdce8297daf Log message: 6361644 Differences in SUID scripts between S9 and S10 Files: update: usr/src/uts/common/exec/elf/elf.c update: usr/src/uts/common/exec/intp/intp.c update: usr/src/uts/common/os/exec.c update: usr/src/uts/common/sys/exec.h

http://bugzilla.mindrot.org/show_bug.cgi?id=136 Summary: setgid() deemed to fail for non-suid ssh client on linux if using other than primary group Product: Portable OpenSSH Version: 3.0.2p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh

http://bugzilla.mindrot.org/show_bug.cgi?id=136 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|openssh-unix-dev at mindrot.org|stevesk at pobox.com ------- Additional Comments From stevesk at pobox.com 2002-03-31 06:38 ------- i will look at this. -------