Kirk Strauser wrote:
At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
Normally the master.passwd is backed up regularly by cron (/var/backups),
so maybe no need to backup it again.
Were you joking? Surely you're not implying that there's no need to copy
the data to tape (
In <[EMAIL PROTECTED]>, Andrew Prewett
<[EMAIL PROTECTED]> typed:
> Today Mike Meyer wrote:
> > In <[EMAIL PROTECTED]>, Andrew Prewett
><[EMAIL PROTECTED]> typed:
> > > Today Kirk Strauser wrote:
> > > > At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
> > > > > Normally the m
At 2003-01-07T22:50:08Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
> No, "umgekehrt", ideally / should be on a separate drive and /home, /var,
> /usr on another drive(s). I mean, I wouldn't put my company database,
> fileserver, etc. on a machine with only one drive. So, my wording was
> maybe
Today Ed Hall wrote:
> > Today Kirk Strauser wrote:
> > > At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]>
> writes:
> > > > Normally the master.passwd is backed up regularly by cron
> (/var/backups),
> > > > so maybe no need to backup it again.
> >
> > > Were you joking? Surely you'r
Today Mike Meyer wrote:
> In <[EMAIL PROTECTED]>, Andrew Prewett
><[EMAIL PROTECTED]> typed:
> > Today Kirk Strauser wrote:
> > > At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
> > > > Normally the master.passwd is backed up regularly by cron (/var/backups),
> > > > so maybe
In <[EMAIL PROTECTED]>, Andrew Prewett
<[EMAIL PROTECTED]> typed:
> Today Kirk Strauser wrote:
> > At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
> > > Normally the master.passwd is backed up regularly by cron (/var/backups),
> > > so maybe no need to backup it again.
> > Wer
At 2003-01-07T20:13:51Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
> If /etc and /var are on the same HD, then it's not a production machine or
> the setup is simly wrong.
So you don't backup machines with more than one drive? I'm confused.
--
Kirk Strauser
In Googlis non est, ergo non est.
> Today Kirk Strauser wrote:
> > At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]>
writes:
> > > Normally the master.passwd is backed up regularly by cron
(/var/backups),
> > > so maybe no need to backup it again.
>
> > Were you joking? Surely you're not implying that there's no need
Today Kirk Strauser wrote:
>
> At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
>
> > Normally the master.passwd is backed up regularly by cron (/var/backups),
> > so maybe no need to backup it again.
>
> Were you joking? Surely you're not implying that there's no need to copy
At 2003-01-07T17:35:49Z, Andrew Prewett <[EMAIL PROTECTED]> writes:
> Normally the master.passwd is backed up regularly by cron (/var/backups),
> so maybe no need to backup it again.
Were you joking? Surely you're not implying that there's no need to copy
the data to tape (which is the most co
Lowell Gilbert wrote:
[ ... ]
This is silly. Just set umask properly, and you'll be all set.
This should not be something for individual programs (like
dump) to worry about.
Disagree. Most individual programs do not create world-readable files
containing root's view of the filesystem data.
Mark <[EMAIL PROTECTED]> writes:
> There may be a lot more files one wishes not to be world-readable. :) And
> excluding them all from the dump may not be the answer. Especially since it
> would be very little trouble to adjust dump's code in such a way that it
> writes chmod 600 to begin with.
T
Hi Mark,
> When dumping to a file, dump writes this file chmod 644. When the
> root-partition is being backed-up, this leaves the dump-file vulnerable
> to scanning by unprivileged users for the duration of the dump.
This is an important issue you've found in dump. Please submit a PR
with the sen
- Original Message -
From: "Andrew Prewett" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 07, 2003 6:06 PM
Subject: Re: security vulnerability in dump
> Today Mark wrote:
>
> > I believe I have found a security vulnerability i
Today Mark wrote:
> I believe I have found a security vulnerability in dump, which, under the
> right conditions, allows any user with shell-access to gain root-privileges.
>
> When dumping to a file, dump writes this file chmod 644. When the
> root-partition is being backed-up,
Today Mark wrote:
> I believe I have found a security vulnerability in dump, which, under the
> right conditions, allows any user with shell-access to gain root-privileges.
>
> When dumping to a file, dump writes this file chmod 644. When the
> root-partition is being backed-up,
I believe I have found a security vulnerability in dump, which, under the
right conditions, allows any user with shell-access to gain root-privileges.
When dumping to a file, dump writes this file chmod 644. When the
root-partition is being backed-up, this leaves the dump-file vulnerable to
17 matches
Mail list logo