[LUGA] Mit freundlicher Unterstützung von:
init.at

Mail Thread Index


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[linux-alert] More sendmail problems... Partition your disks!



Oder noch besser:



---------- Forwarded message from linux-alert-request@redhat.com on Mon, 24 Mar 97 14:04:08 -0500 -----------
Resent-Date: 24 Mar 1997 19:05:04 -0000
Resent-Cc: recipient list not shown: ;
MBOX-Line: From linux-alert-request@redhat.com  Mon Mar 24 14:04:57 1997
From: "Alexander O. Yuriev" <alex@yuriev.com>
X-Authentication-Warning: ding.mailhub.com: localhost [127.0.0.1] didn't use HELO protocol
To: linux-alert@redhat.com
Date: Mon, 24 Mar 97 14:04:08 -0500
X-Mts: smtp
Resent-Message-ID: <"xKAms.0.0R1.P1jDp"@mail2.redhat.com>
Resent-From: linux-alert@redhat.com
Reply-To: linux-alert@redhat.com
X-Mailing-List: <linux-alert@redhat.com> archive/latest/20
X-Loop: linux-alert@redhat.com
Precedence: list
Resent-Sender: linux-alert-request@redhat.com
Subject: [linux-alert] More sendmail problems... Partition your disks!


This is yet-another reason to _partition_ your disks. Of course hard links
do not work accross filesystems. Even thought it is a pain in the neck to do
when installing your operating system, think about separating critical
system files from non-critical and non-system files from system files. I
would say that the following layout is a good place to start:

	/
	/usr		(nosuid,nodev,ro)
	/usr/local	(nosuid,nodev,ro)
	/usr/local/sbin	(nodev,ro)
	/tmp		(nosuid,noexec,nodev)
	/var		(nosuid,noexec,nodev)
	/opt		(nosuid,nodev,ro)
	/services	(nosuid,noexec,nodev)
	/home		(nosuid,nodev)
	

Alex


-------- Forwarded Message

Return-Path: owner-bugtraq@netspace.org
Reply-To: C0WZ1LL4@netspace.org
Sender: Bugtraq List <BUGTRAQ@netspace.org>
From: C0WZ1LL4@netspace.org
Approved: alex@yuriev.com
Approved: alex@yuriev.com
To: BUGTRAQ@netspace.org

Hello fellow mongoloids
Try this:
Make hard link of /etc/passwd to /var/tmp/dead.letter
Telnet to port 25, send mail from some bad email address to some unreacheable hoost.
Watch your message get appended to passwd.
ie:
cowzilla::0:0:c0wz1ll4 0wns u:/:/bin/sh

This is not good.  Worked with my 8.8.4, will probably also work with 8.8.5
Root for the whole family

---Cowzilla the omnipotent b0v1n3
PD
Greets to various #2600 people

-------- End of Forwarded Message



--
   _  | Peter J. Holzer             | If I were God, or better yet
|_|_) | Sysadmin WSR                | Linus, I would ...
| |   | hjp@wsr.ac.at               |     -- Bill Davidsen
__/   | http://wsrx.wsr.ac.at/~hjp/ |        (davidsen@tmr.com)



powered by LINUX the choice of a gnu generation
linux user group austria;
Suche
Suche
Letzte Änderung:
webmaster@luga.at
September 2010