Date: Wed, 06 Dec 2006 21:08:18 -0600 From: Paul Schmehl <pauls@utdallas.edu> To: Kris Kennaway <kris@obsecurity.org>, john Mish III <jmanfffreak@hotmail.com> Cc: questions@FreeBSD.org Subject: Re: su to root denied? Message-ID: <9AFFF19E085F4FF375D44EF2@paul-schmehls-powerbook59.local> In-Reply-To: <20061207024240.GA75975@xor.obsecurity.org> References: <BAY115-F332E6015760CD2256C6958BCDC0@phx.gbl> <20061207024240.GA75975@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--==========ED8F54D5D173EC3C9210========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On December 6, 2006 9:42:41 PM -0500 Kris Kennaway <kris@obsecurity.org> = wrote: > On Wed, Dec 06, 2006 at 07:52:50PM -0600, john Mish III wrote: >> I get this error message when I try to su to anything, either from root >> or to root, and I don't know why. >> $ su >> su: not running setuid > > Somehow your su application lost its setuid bit. Instead of blinding > chmodding it you may want to be careful and replace it with a known > good binary in case someone overwrote it somehow. > Or he's been hacked, and he needs to proceed very cautiously.... Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========ED8F54D5D173EC3C9210==========--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9AFFF19E085F4FF375D44EF2>