> > Is it conceivable that another user on the same system (this being a > shared host) could have used the chgrp command to gain access to the > files? Or is chgrp pretty well locked down? Ideas welcome. Thanks! > --Ben S > > _______________________________________________
That would depend on how the shared host was configured. If some twit had arranged things so that all virtual users shared the same web account group, so your file permissions looked like: ben.webgroup Then it's possible that anyone with a shell account might be able to overwrite your files. However, that doesn't explain how they changed the group ownership. Given the nature of the attack it seems likely that someone has exploited a security loophole in the ISP's setup. As you say anyone who had direct ftp/shell access would probably simply delete the files. Ian. _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
