From owner-freebsd-security Sat Jun 19 22:15:37 1999 Delivered-To: freebsd-security@freebsd.org Received: from srh0710.urh.uiuc.edu (srh0710.urh.uiuc.edu [130.126.76.32]) by hub.freebsd.org (Postfix) with SMTP id DBB5814C59 for ; Sat, 19 Jun 1999 22:15:35 -0700 (PDT) (envelope-from ftobin@bigfoot.com) Received: (qmail 67035 invoked by uid 1000); 20 Jun 1999 05:15:34 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 20 Jun 1999 05:15:34 -0000 Date: Sun, 20 Jun 1999 00:15:34 -0500 (CDT) From: Frank Tobin X-Sender: ftobin@srh0710.urh.uiuc.edu To: FreeBSD-security Mailing List Subject: Re: securelevel descr In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Frank Tobin, at 23:12 on Sat, 19 Jun 1999, wrote: > Nicholas Brawn, at 11:34 on Sun, 20 Jun 1999, wrote: > > > The intruder could still setup a cron job to periodically start up > > the backdoor. > > I mean, jeez, how many times do I have to say 'chflags'? > Erm, I wasn't thinking straight when I sent that. A better thing that I should have said is that you start up cron in the startup scripts late, so that the intruder can't influece the startup sequence through a 'memorization' process. -- Frank Tobin "To learn what is good and what is to be http://www.bigfoot.com/~ftobin valued, those truths which cannot be shaken or changed." Myst: The Book of Atrus FreeBSD: The Power To Serve PGPenvelope = GPG and PGP5 + Pine PGP: 4F86 3BBB A816 6F0A 340F http://www.bigfoot.com/~ftobin/resources.html 6003 56FF D10A 260C 4FA3 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message