Hey all,
After the recent phpBB worm hit, I sat down and did the following...
find -H /home -perm -2 -print to find all files with the world-writable bit set.
Here's a small sample of the result... (below).
I've confirmed with ls -al that these files ARE rw-rw-rw-
Can someone tell me 1) WHY?
and 2) If there's a knob to tweak this?
If you need any further testing, please let me know.
-Dan
/home/aseka/.razor/servers.discovery.lst /home/aseka/.razor/servers.catalogue.lst /home/aseka/.razor/servers.nomination.lst /home/aseka/.razor/server.thrill.cloudmark.com.conf /home/aseka/.razor/server.pride.cloudmark.com.conf /home/aseka/.pyzor /home/aseka/.pyzor/servers /home/asaucr/.spamassassin/user_prefs /home/artzyfartzy/.razor/razor-agent.log /home/artzyfartzy/.razor/servers.discovery.lst /home/artzyfartzy/.razor/servers.catalogue.lst /home/artzyfartzy/.razor/servers.nomination.lst /home/artzyfartzy/.razor/server.pride.cloudmark.com.conf /home/artzyfartzy/.spamassassin/user_prefs /home/artzyfartzy/.pyzor /home/artzyfartzy/.pyzor/servers /home/arania/.spamassassin/user_prefs /home/arania/.razor/razor-agent.log /home/arania/.razor/servers.discovery.lst /home/arania/.razor/servers.catalogue.lst /home/arania/.razor/servers.nomination.lst /home/arania/.razor/server.pride.cloudmark.com.conf /home/arania/.pyzor /home/arania/.pyzor/servers /home/aracari/.spamassassin/user_prefs /home/andrew/.spamassassin/user_prefs /home/allreal/.razor/razor-agent.log /home/allreal/.razor/servers.discovery.lst /home/allreal/.razor/servers.catalogue.lst /home/allreal/.razor/servers.nomination.lst /home/allreal/.razor/server.thrill.cloudmark.com.conf /home/allreal/.pyzor /home/allreal/.pyzor/servers /home/alducr/.spamassassin/user_prefs /home/alanmaslar/.spamassassin/user_prefs
--
"You can't call yourself a dork if you don't use UNIX!"
-Dan Mahoney, May 1997
--------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------
