On Sun, Feb 03, 2008 at 11:20:00PM +0100, Mateusz Mierzwinski wrote: > After making memory dump and editing file in k hex editor I've found > unencrypted password to my linux. I thin'k thats not good because anyone > can read it with some php script with system() execution. > Password is fully readable. You'll need to be a little more explanatory than that. What process did the memory space in question belong to? Was is your system password, your gpg password or what? How were you dumping memory?
Unless you are running a web-facing PHP as root, a script running system() would only be able to get to it via root exploit or if the password was in a memory space accessible to the same process. -- Robin Hugh Johnson Gentoo Linux Developer & Infra Guy E-Mail : [EMAIL PROTECTED] GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
pgpDznZ10mCdg.pgp
Description: PGP signature
