On Mon, Sep 04, 2006 at 10:25:09PM +0400, Andrew Pantyukhin wrote:
> >> BTW, I wonder why www/phpmyfaq is not in your list.
> >
> >What a+w file does it install?
>
> [EMAIL PROTECTED]:~> find /usr/local/www/phpmyfaq -perm -a+w
> /usr/local/www/phpmyfaq/inc
> /usr/local/www/phpmyfaq/images
> /usr/
On 9/4/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
On Mon, Sep 04, 2006 at 09:35:03PM +0400, Andrew Pantyukhin wrote:
> On 9/4/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
> >On Mon, Sep 04, 2006 at 08:48:26PM +0400, Andrew Pantyukhin wrote:
> >> On 9/1/06, Andrew Pantyukhin <[EMAIL PROTECTED]>
On Mon, Sep 04, 2006 at 09:35:03PM +0400, Andrew Pantyukhin wrote:
> On 9/4/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
> >On Mon, Sep 04, 2006 at 08:48:26PM +0400, Andrew Pantyukhin wrote:
> >> On 9/1/06, Andrew Pantyukhin <[EMAIL PROTECTED]> wrote:
> >> >On 9/1/06, Kris Kennaway <[EMAIL PROTECTE
On 9/4/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
On Mon, Sep 04, 2006 at 08:48:26PM +0400, Andrew Pantyukhin wrote:
> On 9/1/06, Andrew Pantyukhin <[EMAIL PROTECTED]> wrote:
> >On 9/1/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
> >> On Thu, Aug 31, 2006 at 10:19:24AM -0400, Kris Kennaway wrot
On Mon, Sep 04, 2006 at 08:48:26PM +0400, Andrew Pantyukhin wrote:
> On 9/1/06, Andrew Pantyukhin <[EMAIL PROTECTED]> wrote:
> >On 9/1/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
> >> On Thu, Aug 31, 2006 at 10:19:24AM -0400, Kris Kennaway wrote:
> >> > On Thu, Aug 31, 2006 at 06:15:18PM +0400, An
On 9/1/06, Andrew Pantyukhin <[EMAIL PROTECTED]> wrote:
On 9/1/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
> On Thu, Aug 31, 2006 at 10:19:24AM -0400, Kris Kennaway wrote:
> > On Thu, Aug 31, 2006 at 06:15:18PM +0400, Andrew Pantyukhin wrote:
> > > Under no circumstances should a port install wo
On 9/1/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
On Thu, Aug 31, 2006 at 10:19:24AM -0400, Kris Kennaway wrote:
> On Thu, Aug 31, 2006 at 06:15:18PM +0400, Andrew Pantyukhin wrote:
> > Under no circumstances should a port install world-writable
> > files or directories. In most cases this open
On Thu, Aug 31, 2006 at 10:19:24AM -0400, Kris Kennaway wrote:
> On Thu, Aug 31, 2006 at 06:15:18PM +0400, Andrew Pantyukhin wrote:
> > Under no circumstances should a port install world-writable
> > files or directories. In most cases this opens the system to all
> > kinds of attacks. A simple gre
On Thu, 31 Aug 2006 20:34:21 +0400
Stanislav Sedov <[EMAIL PROTECTED]> mentioned:
>
> Hmm, strange method... In fact, most of port you listed are harmless.
>
Sorry, now I see that the word 'most' isn't applicable here.
My apologizes.
--
Stanislav Sedov MBSD labs, Inc. <[EMAIL P
On Thu, 31 Aug 2006 18:51:27 +0400
"Andrew Pantyukhin" <[EMAIL PROTECTED]> mentioned:
> On 8/31/06, Alex Dupre <[EMAIL PROTECTED]> wrote:
> > Andrew Pantyukhin ha scritto:
> > > Under no circumstances should a port install world-writable
> > > files or directories.
> >
> > > www/eaccelerator/Makef
On 8/31/06, Alex Dupre <[EMAIL PROTECTED]> wrote:
Andrew Pantyukhin ha scritto:
> Under no circumstances should a port install world-writable
> files or directories.
> www/eaccelerator/Makefile
Where? I suspect you grep'ed 777 inside Makefiles, but in eaccelerator
there is indeed a 's/777/755/'
Andrew Pantyukhin ha scritto:
> Under no circumstances should a port install world-writable
> files or directories.
> www/eaccelerator/Makefile
Where? I suspect you grep'ed 777 inside Makefiles, but in eaccelerator
there is indeed a 's/777/755/' substitution :-)
--
Alex Dupre
___
On Thu, Aug 31, 2006 at 06:15:18PM +0400, Andrew Pantyukhin wrote:
> Under no circumstances should a port install world-writable
> files or directories. In most cases this opens the system to all
> kinds of attacks. A simple grep brings the following list of
> makefiles to attention. I imagine that
Under no circumstances should a port install world-writable
files or directories. In most cases this opens the system to all
kinds of attacks. A simple grep brings the following list of
makefiles to attention. I imagine that samba ports are
somehow justified, as for the other ones, I hope secteam
14 matches
Mail list logo