On Mon, May 21, 2007 at 11:59:33AM -0700, PeterPluta wrote: <snip> > > Looks like you were portupgrading around with postfix, screen and xterm. > > > > The output is diff(1). See the man page for details, but it's basically > > showing you the difference between last night's directory listing, and > > that > > of the previous day. > > > > For more gory details, see the scripts in /etc/periodic/security, which > > are > > run every night from cron. Some of the ports you changed resulted in > > changes to setuid/setgid programs installed on the system. As a security- > > concious administrator, you should be interested in the programs on your > > system that have elevated privilidges, so this script is provided to give > > you a daily report on that. > > I see, so basically after reinstalling the default uid/gid of some programs > changed? Is that a problem or anything?
It's not a problem. It's just something that you should be aware of from a security standpoint. In this case you caused it because you upgraded some ports, which is OK. But if the size, date, ownership or permissions of a binary change without any apparent cause, it _could_ be the work of an intruder or rootkit trying to backdoor your system. That's why the system checks it. In /etc/defaults/periodic.conf you see which settings there are concerning security, and what the defaults are. If you want to disable some of them, put the settings in /etc/periodic.conf with a "NO" value instead of "YES". But I would recommend to leave them as they are. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
pgp97mviUg63t.pgp
Description: PGP signature