K, I have seen so much info about the local root exploit that I am more confused than when I saw that there was an exploit. Can someone please give a good answer on what to do so that everything still works fine?
Michel

----- Original Message -----
From: "Eugene Crosser" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 23, 2002 1:43 PM
Subject: Re: FW: [cobalt-security] Local Root exploit

> On Mon, 2002-09-23 at 14:33, Michael Stauber wrote:
> > > Turning off suid privileges on /usr/lib/authenticate means apache won't be
> > > able to authenticate users anymore.
> > > So, you won't be able to access admin console.
> >
> > That's not correct.
> >
> > I have removed the SUID bit on /usr/lib/authenticate on all my RaQs and
> > still everything except Frontpage works. I don't use Frontpage, so I'm still
> > a happy camper.
>
> That admin console still works is apparently a side effect of admserv
> running with root uid. Under "regular" apache you will be unable to use
> PAM authentication because /etc/shadow will become unreadable. E.g. you
> won't be able to access /stats/ directories of individual virtual
> servers.
>
> Eugene
>
> _______________________________________________
> cobalt-security mailing list
> [EMAIL PROTECTED]
> http://list.cobalt.com/mailman/listinfo/cobalt-security
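
The dependency discussed in the thread (an unprivileged web server needs either a setuid-root helper or its own access to the shadow file to check passwords) can be checked on a host with a short audit script. This is an added example, not part of any poster's message; the function names and result labels are made up for illustration, and the paths are passed as arguments so the logic can be tried on constructed files.

```shell
#!/bin/sh
# Added example, not from the thread. Paths are arguments so the logic can be
# exercised on constructed files; on a RaQ they would be /usr/lib/authenticate
# and /etc/shadow.

# helper_state FILE: prints setuid-root, setuid-nonroot, not-setuid or missing.
helper_state() {
    [ -e "$1" ] || { echo missing; return 0; }
    if [ -u "$1" ]; then
        # Third field of `ls -ln` is the numeric owner uid.
        if [ "$(ls -ln "$1" | awk '{print $3}')" = 0 ]; then
            echo setuid-root
        else
            echo setuid-nonroot
        fi
    else
        echo not-setuid
    fi
}

# world_readable FILE: succeeds if the "other" read bit is set.
world_readable() {
    [ "$(ls -ln "$1" | awk '{print substr($1, 8, 1)}')" = r ]
}

# auth_path HELPER SHADOW SERVER_UID: how a server running as SERVER_UID can
# check passwords against SHADOW, following the reasoning in the thread.
auth_path() {
    if [ "$3" = 0 ]; then
        echo direct-as-root          # the admserv case: reads shadow itself
    elif [ "$(helper_state "$1")" = setuid-root ]; then
        echo via-setuid-helper       # unprivileged server, privileged helper
    elif world_readable "$2"; then
        echo direct-shadow-exposed   # works, but hashes are readable by all
    else
        echo broken                  # regular apache after the bit is removed
    fi
}
```

A result of `broken` for the uid of the regular apache process corresponds to the failure Eugene describes for the /stats/ directories.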
