Date: Wed, 16 Apr 1997 13:50:14 -0600 (MDT) From: Wes Peters - Softweyr LLC <softweyr@xmission.com> To: neil@corpex.com (Neil) Cc: questions@freebsd.org Subject: Re: 'b' Files Message-ID: <199704161950.NAA12651@xmission.xmission.com> In-Reply-To: <m0wHYGY-0003ztC@corpex.com> from "Neil" at Apr 16, 97 06:13:06 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Neil Fowler Wright asked:
> We recently had a disk crash, and certasin 'b' and 'c' type nonesense
> files have been created.
> How can we delete them?
>
> eg.
>
> b--sr-srwt 1 10 wheel 32, 538968096 May 5 16:53 1929
This is a block-special device, like a disk drive. Just rm -f 1929
in that directory. You may want to check /dev and make sure the crash
didn't ruin things there as well. Also, if this appeared in a directory
that is writable by users on your system, you may have uncovered a
hacking attempt.
For instance, if you find an entry in a users directory that looks
like:
crw-r----- 1 user group 2, 1 Jun 13 22:17 foo
this 'user' now has the ability to snoop at kernel memory at will,
and can crash the system at will (device 2,1 is the kernel memory
pseudo-device).
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.xmission.com/~softweyr softweyr@xmission.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704161950.NAA12651>