chmod 4755 will put the setuid back on the file and to it's original setting.What is the normal setting for /usr/lib/authenticate?I set it to 755 and my users cannot get to their web stats now. Thanks.
As far as I can tell (and from what others have noted), if you're up-to-date with your Cobalt/SUN patches, you should be okay. Although an openSSL upgrade from Cobalt would be a nice treat.
You might want to chmod 700 gcc for a bit of extra security -that RaQFuCk.sh script (or was it the SSL exploit) needs to get hold of gcc to do it's thing.
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
