Date: Thu, 11 May 2000 09:55:13 -0700 From: Alfred Perlstein <bright@wintelcom.net> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: Paul Hart <hart@iserver.com>, freebsd-security@FreeBSD.ORG Subject: Re: envy.vuurwerk.nl daily run output Message-ID: <20000511095512.D4889@fw.wintelcom.net> In-Reply-To: <200005111611.MAA17380@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Thu, May 11, 2000 at 12:11:40PM -0400 References: <391A8A3C.795C15F7@algroup.co.uk> <Pine.BSF.4.21.0005110953510.8386-100000@anchovy.orem.iserver.com> <200005111611.MAA17380@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
* Garrett Wollman <wollman@khavrinen.lcs.mit.edu> [000511 09:46] wrote: > <<On Thu, 11 May 2000 10:03:38 -0600 (MDT), Paul Hart <hart@iserver.com> said: > > > If I can root your box, what's to stop me from falsifying the > > reference data in /var used by /etc/security to detect system > > changes? > > Stupidity and inexperience. That and chflags. :) > Also, not all break-ins result in root compromise. Most I've seen lately result in pretty hysterical /root/.bash_history files. :) -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000511095512.D4889>