toor is a base system user. It is a default user. It is used for several
reason and is secure as long as no one can access your console directly.
On Monday 16 August 2004 09:57 am, James A. Coulter wrote:
The following appeared in my latest daily security run output:
Checking for uids of 0:
Hi James,
The following appeared in my latest daily security run output:
Checking for uids of 0:
root 0
toor 0
This is the first time I've seen this message.
I checked /etc/passwd and found this:
root:*:0:0:Charlie :/root:/bin/csh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
James A. Coulter wrote:
| The following appeared in my latest daily security run output:
|
| Checking for uids of 0:
| root 0
| toor 0
|
| This is the first time I've seen this message.
|
| I checked /etc/passwd and found this:
|
|
On Mon, Aug 16, 2004 at 09:57:37AM -0500, James A. Coulter wrote:
The following appeared in my latest daily security run output:
Checking for uids of 0:
root 0
toor 0
This is the first time I've seen this message.
I checked /etc/passwd and found this:
The following appeared in my latest daily security run output:
Checking for uids of 0:
root 0
toor 0
This is the first time I've seen this message.
I checked /etc/passwd and found this:
root:*:0:0:Charlie :/root:/bin/csh
toor:*:0:0:Bourne-again
On Mon, Aug 16, 2004 at 05:01:51PM +0200, Volker Kindermann wrote:
Hi James,
The following appeared in my latest daily security run output:
Checking for uids of 0:
root 0
toor 0
This is the first time I've seen this message.
I checked /etc/passwd and found
: Security question
I don't know anything about using sysinstall for security
patches/upgrades etc. WHat your looking for I think is cvsup. Please
read the handbook on Using CVSUP to get the latests source updates,
security patches for your release and even updating to a different
RELEASE
looked all through the handbook and faq's but could not
find a definitive answer.
Thanks
Kevin McKay
- Original Message -
From: Bryan Cassidy [EMAIL PROTECTED]
To: Kevin McKay [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, November 19, 2003 11:18 PM
Subject: Re: Security
Kevin McKay [EMAIL PROTECTED] writes:
You normally need to run the sysinstall from the version you're
updating to. You could configure your system's sysinstall to
load in the later version, and it should be compatible, but I
don't know the syntax for that offhand...
For reference,
I've never used sysinstall for anything but installing the operating
system. I'm sure what you want is cvsup. Use the
/usr/share/examples/cvsup/standard-supfile for updating source then
follow instructions in handbook on make world to update the system.
On Tue, 18 Nov 2003 21:09:03 -0800
Kevin
Kevin McKay [EMAIL PROTECTED] writes:
I have read through the documentation but have not been able to find
a definite answer. I am running a pretty core install of 5.1 minimal
+ bind9, postfix, apache, ssh, no ports collection. Here is my
question. When I run the binary update from sysinstall
So it will not just grab the latest patched binaries for 5.1? I am not
sure I understand. Is it just for updating between releases and not for
keeping the current release up to date?
Kevin
Lowell Gilbert wrote:
Kevin McKay [EMAIL PROTECTED] writes:
I have read through the documentation
I don't know anything about using sysinstall for security
patches/upgrades etc. WHat your looking for I think is cvsup. Please
read the handbook on Using CVSUP to get the latests source updates,
security patches for your release and even updating to a different
RELEASE or -CURRENT or -STABLE.
On
I don't know anything about using sysinstall for security
patches/upgrades etc. WHat your looking for I think is cvsup. Please
read the handbook on Using CVSUP to get the latests source updates,
security patches for your release and even updating to a different
RELEASE or -CURRENT or -STABLE.
On
I wonder if the better policy is to not run inherently insecure applications
to begin with. In theory if no-one can get to that box or make use of that
application from the internet then your only threats become internal ones.
Just for curiosity sake what does nmap tell you about your
15 matches
Mail list logo