Security Incidents mailing list archives

Re: Permissions

From: Valdis.Kletnieks () VT EDU (Valdis Kletnieks)
Date: Tue, 27 Jun 2000 19:17:05 -0400


On Tue, 27 Jun 2000 10:49:49 CDT, you said:

Are there any attacks that any of you have heard of that would change all
the permissions on the drive to 755 RECURSIVELY?  Running RH Linux 6.2


Have you ruled out a simple 'chmod -R 755 .' in the wrong directory? ;)

Never ascribe it to a hacker attack unless you have *ruled out* sysadmin
stupidity.

/Valdis (who once did a 'chmod 644 /' and then couldnt figure out why users
couldn't logon ;)

<HR NOSHADE>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>

Current thread:

blind forwards, (continued)
- - - blind forwards Keith McCammon (Jun 28)
    - Re: blind forwards Ex Machina (Jun 29)
    - Re: blind forwards Brock Norvell (Jun 29)
    - Re: blind forwards John Hall (Jun 29)
    - Re: blind forwards David Pick (Jun 30)
    - Re: funky syslog entry UnixGeek (Jun 29)
    - Re: funky syslog entry Chris West (Jun 29)
    - wuftp exploit Toby Miller (Jun 28)
    - Re: wuftp exploit Daniel Jacobowitz (Jun 28)
    - Permissions Derick Schuetz (Jun 27)
    - Re: Permissions Valdis Kletnieks (Jun 27)
    - Re: Permissions Jon Lewis (Jun 27)
    - Probes for MySQL under Linux? Ralf G. R. Bergs (Jun 27)
    - Re: Probes for MySQL under Linux? Tabor J. Wells (Jun 27)
    - Port scan (106 and 389) Chris Laycock (Jun 28)
    - Compromise and Bind Replacement Scott Brown (Jun 28)
    - Re: Port scan (106 and 389) Fabio Pietrosanti (Jun 28)
    - Re: Probes for MySQL under Linux? Al Huger - Mail Account (Jun 28)
    - Was I exploited? Narins, Joshua (Jun 29)
    - Re: Was I exploited? Russ Spooner (Jun 29)
    - Re: Nike Site taken over Ballard, James (Jun 27)

(Thread continues...)