Yes this was not a hack... my files are in the same condition even after
reinstalling the RPMS to be sure... the reason it said it changed was
likely because you upgraded an RPM and it changed it for you, or this was
the first time the security scan was run. But now I do have to ask... why
does ping need to be suid root? and why do some of the other files he
listed have to be suid as well??
-Gary Simmons
On Tue, 25 Apr 2000, Wang Jian wrote:
> Sorry, but mout, su, and umount should be suid.
> A rpm -Va can find all files changed since installation.
>
>
> Monday, April 24, 2000, 11:08:42 PM, you wrote:
>
> RJ> Ron, re-read the message. It specifically says that file the shouldn't be suid
> RJ> have been changed to suid since the last scan.
>
> RJ> For instance, mount, su, and umount should never be suid. They aren't installed
> RJ> that way, so "something" had to change them.
>
> RJ> Even if it wasn't a hack job, there are many security holes here. I wouldn't want
> RJ> to have that system anywhere near a public network until it's fixed.
>
> RJ> Russ
>
>
>
>
>
