Re: R command questions
From: Sherman H. (shung1099_at_earthlink.net)
Date: 10/23/03
- Previous message: all mail refused: "Re: R command questions"
- In reply to: Sherman H.: "R command questions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Oct 2003 21:22:23 GMT
Thanks for all the posts. I would like to know with the parameters, what
would be the real security exposures. Thanks.
"Sherman H." <shung1099@earthlink.net> wrote in message
news:dJWlb.3385$I04.1344@newsread4.news.pas.earthlink.net...
> I am working on a security exposure case and couldn't determine if there
is
> a problem. Here is what I found:
>
> 1. The r commands were used in the environment. In the /etc/inetd.conf
> file, shell, login and execute were not removed.
>
> 2. The hosts.equiv file contained many shared and obsolete account IDs.
>
> 3. However, the access permission for hosts.equiv file was considered
okay.
> The permission is -rw-r--r-- 1 root system.
>
> Is there a security exposure based on the above three parameters?
>
>
- Previous message: all mail refused: "Re: R command questions"
- In reply to: Sherman H.: "R command questions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
