[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
- Subject: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 9 Feb 2002 00:38:51 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Friday 08 February 2002 08:12 pm, Barbara wrote:
<SNIP>
> I bet you ANYTHING it's that damn Neomail program that
> changed these permissions... And if that's the case,
> then there's literally hundreds (or more) of RaQ users
> who's shadow passwd file has been changed to the same
> ugly permissions!
<SNIP>
Barbara,
I remembet the epsiode when we found that neomail messed with the suid bit
But, I still have that one spare RaQ4r with neomail on it and;
[admin admin]$ ls /etc/shadow -l
-r-------- 1 root root 552 Sep 29 21:04 /etc/shadow
[admin admin]$ ls /etc/shadow- -l
-rw------- 1 root root 524 Sep 29 07:25 /etc/shadow-
--
Gerald Waugh