Security Basics mailing list archives
Re: disabling "rogue" login hooks on [bsd type ] apple mac os x snow leopard-problem
From: Marcin R <kaktus9news () gmail com>
Date: Thu, 5 May 2011 19:32:52 +0200
thanks, i'll certainly try this, but in case i will be unable to locate the thing, maybe i wasn't totally clear - either. what i want to achieve is to purge logon exec sequence to it's default state-os x does this by default but the -pf parameter sent to login process overrides this default behavior what i'm trying to cancel this but i'm unable to because the said control file is not in the location where it was just a month ago. i was wondering if there was some hidden [or not hidden ] unix command that would force process control prefs back to it's stock defaults. Marcin R. 2011/5/5 Larry Offley <offley () gmail com>:
I might not have been clear don't grep for the file but grep for the command that is opening the ports perhaps max OS in all its glory has renamed or consildated the file somehow so it isn't "there" anymore and has a new name or has been appended to another file . That kind of thing. Otherwise you could have some file corruption that is hiding the file from you but the system can see it to execute it. It might be better to backup and reinstall. You could also grep the /dev/<hardrive_partion> for the command that is opening the ports Larry Offley On 5/4/2011 1:53 AM, Marcin R wrote:i've grepped whole disk dir as root and just nothin 2011/5/4 Larry Offley<offley () gmail com>:Have you tried booting off another OS X install mounting the drive and editing it from there. perhaps using grep to find the file containing the command that opens those ports perhaps it just isn't where you are expecting it. Larry Offley On 5/3/2011 2:44 AM, Marcin R wrote:hello group, i have a question regarding deactivation of login hooks on Mac os X 10.6 snow leo some time ago i've written some debug script for my OS X root account -now after fixing disc permissions the script has reactivated ad gone rogue [disapeared from it's directory so i'm unable to delete] when i login to Terminal i get $ ps ....other processes login Marcin when i type sudo su - *password here* i get the unwanted script execution ps shows login -pf Marcin as a login process and i'm stuck cos only way i know of turning off login hook is deleting the script from disk the com.apple.preferences file with the dir pasted [apple's advice on creating login hooks] is entirely non-present in given location as this script opens few ports for net debug it poses sec threat and i really desperately need to turn that login hook off please advise and thanks in advice take care Marcin R. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- disabling "rogue" login hooks on [bsd type ] apple mac os x snow leopard-problem Marcin R (May 03)
- Message not available
- Message not available
- Message not available
- Re: disabling "rogue" login hooks on [bsd type ] apple mac os x snow leopard-problem Marcin R (May 05)
- Message not available
- Message not available