oss-sec mailing list archives
Re: Discuss: Daily/weekly cron jobs best practices
From: "David W. Hodgins" <davidwhodgins () gmail com>
Date: Tue, 12 Jan 2016 19:06:06 -0500
On Mon, 11 Jan 2016 05:25:11 -0500, Tim Brown <tmb () 65535 com> wrote:
Not uncommon, we pop almost every UNIX box we touch this way, I assume you've seen unix-privesc-check?
Tried it. Too much output to be of any use. With complaints like I: [group_writable] /home/dave/home/dave/.gnupg/pubring.gpg is owned by user dave (group dave) and is group-writable (-rwxrwx---) W: [setgid] /usr/lib64/kde4/libexec/kdesud is setgid (root, nogroup): -rwxr-sr-x W: [setuid] /usr/bin/su is setuid (root, root): -rwsr-xr-x With 152149 lines going to stdout on my system, a quick skim of the output doesn't show anything useful. I don't see anything in the output that it's complaining about, that isn't as it should be. Regards, Dave Hodgins
Current thread:
- Discuss: Daily/weekly cron jobs best practices halfdog (Jan 06)
- Re: Discuss: Daily/weekly cron jobs best practices Tim Brown (Jan 12)
- Re: Discuss: Daily/weekly cron jobs best practices David W. Hodgins (Jan 12)
- Re: Discuss: Daily/weekly cron jobs best practices halfdog (Jan 15)
- Re: Discuss: Daily/weekly cron jobs best practices Tim Brown (Jan 12)