Root password? You had a root password?

> Rlogin and hosts.equiv rank up there with writing the root password on a whiteboard in BIG letters
>
> ------Original Message------
> From: Nicholas B.
> Sender: [email protected]
> To: [email protected]
> ReplyTo: PaulDotCom Security Weekly Mailing List
> Subject: [Pauldotcom] Worst setting(s) in /etc
> Sent: Jun 3, 2009 2:02 PM
>
> A little ninja suggested that I post this to the list as well
> (originally in the pdc forums):
>
> Over the years I've seen a number of really bad configuration settings
> that can lead to compromise or unwanted information disclosure on *nix
> systems. Amongst these a common issue is configuration of NFS for
> ease of doing everything. The setting I'm talking about is found in
> the /etc/exports file and may appear something like:
>
> /home 192.168.0.*(rw,no_root_squash,insecure)
>
> This leads to giving full write access as root to everything in the
> /home directory to every IP address in the 192.168.0.0/24 subnet able
> to connect to the system via NFS.
>
> I'd like to know what poor configuration settings have others run
> across on *nix systems that are done for convenience and/or lack of
> knowledge concerning the settings found in these files.
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
---------------
David A. Gershman
[email protected]
http://dagertech.net/gershman/
"It's all about the path!" --d. gershman
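
Added example, not part of the original thread: a small auditor for the /etc/exports pattern quoted above, flagging options that override the exports(5) defaults (`ro`, `root_squash`, `secure`) and wildcard clients. The function names and the sample file are constructed for illustration; quoted paths containing spaces are not handled.

```python
import re

# Options that weaken the exports(5) defaults (ro, root_squash, secure).
RISKY = {
    "no_root_squash": "remote uid 0 is not mapped to the anonymous user",
    "insecure": "requests from unprivileged source ports are accepted",
    "rw": "clients may write to the export",
}
CLIENT_RE = re.compile(r"^(?P<host>[^()]*)(?:\((?P<opts>[^()]*)\))?$")

def logical_lines(text):
    """Strip '#' comments and join backslash-continued lines."""
    buf = ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield buf.strip()
        buf = ""
    if buf.strip():
        yield buf.strip()

def audit_exports(text):
    """Return (path, client, finding, reason) tuples for risky entries."""
    findings = []
    for line in logical_lines(text):
        path, *clients = line.split()
        for spec in clients or [""]:
            m = CLIENT_RE.match(spec)
            if not m:
                continue  # malformed client spec; skipped in this sketch
            host = m.group("host") or "*"  # no host name: any client
            opts = {o.strip() for o in (m.group("opts") or "").split(",")}
            for opt in sorted(opts & set(RISKY)):
                findings.append((path, host, opt, RISKY[opt]))
            if "*" in host or "?" in host:
                findings.append((path, host, "wildcard",
                                 "client pattern matches many hosts"))
    return findings

# Constructed sample; the first entry is the line quoted in the thread.
SAMPLE = r"""
/home 192.168.0.*(rw,no_root_squash,insecure)
/srv/pub  build01.example.com(ro) \
          backup01.example.com(rw,root_squash)
/export/iso (ro)
"""

if __name__ == "__main__":
    for path, host, opt, why in audit_exports(SAMPLE):
        print(f"{path} -> {host}: {opt} ({why})")
```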
