Re: How could this account have been cracked?

Unruh <unruh-spam@xxxxxxxxxxxxxx> (06-09-26 21:08:54):

Otherwise, it sounds like I'd have to do some serious
organizational work...

Although... maybe a happy medium would be to just install a new HD
in the existing box, and use that as the new OS filesystem. Mount
the existing suspect drive as data, and migrate that way.

If you've taken precautions for such situations, then there is no
problem, really. Since you only need to reinstall your system, for
example, you don't need to touch your /home tree. If you have an own
partition for /home, then you're in luck. If you need to save data in
other trees, then you can just create a temporary directory in /home,
and copy the data there.

Well, no. People can install garbage anywhere. FOr example, I had a
machine rooted and it had suid shells scattered all over the
place. Eg, /tmp/banana was one. It is easy to stick something into a
/home directory (eg just take a file name there, change it by one
letter and have it be an suid root shell.)

At the very least do
find /home -perm +6000 -l
to look for any suid and guid files in the /home directory.

Similarly in /dev, /tmp, etc.

I have addressed that issue earlier. In that paragraph, I was talking
merely about the migration process itself.


Regards,
E.S.
.

Relevant Pages

  • Re: How could this account have been cracked?
    ... I have so many different services running on it, ... easiest way to migrate would be to buy a new box and then install the ... you don't need to touch your /home tree. ... rooted and it had suid shells scattered all over the place. ...
    (comp.os.linux.security)
  • Re: Yum $releasever $basearch
    ... On 5/24/05, John Austin wrote: ... That would work if firefox.i386 was in the x86_64 tree, ... Or if you really want to, create a custom repo ... > to try to use yum to install such things on test releases such as ...
    (Fedora)
  • Creating install CD with custom ports - how to massage INDEX file?
    ... I've been building my own install CDs for a planned multi-server ... together how I get my own package set onto the CD in a usable form. ... /usr/ports CVS, plus locally written software in ports format. ... ensured that the tree is closed under the dependency operation (to use ...
    (freebsd-hackers)
  • Question about security updates.
    ... I am a linux user that wants to switch to freebsd... ... I installed a box for trial it was 5.1, I wanted to see if I could use ports ... the system tree and the ports tree? ... or remove the sys version and install the port ...
    (freebsd-newbies)
  • Questions about updating...
    ... I am a linux user that wants to switch to freebsd... ... the system tree and the ports tree? ... or remove the sys version and install the port ...
    (freebsd-questions)