Date: Wed, 10 May 2000 23:54:49 +0200
From: Peter van Dijk <petervd@vuurwerk.nl>
To: security@freebsd.org
Subject: Re: envy.vuurwerk.nl daily run output
Message-ID: <20000510235449.D50484@vuurwerk.nl>
In-Reply-To: <Pine.BSF.4.21.0005101627170.28527-100000@achilles.silby.com>; from silby@silby.com on Wed, May 10, 2000 at 04:42:54PM -0500
References: <Pine.BSF.4.10.10005101518090.75557-100000@pawn.primelocation.net> <Pine.BSF.4.21.0005101627170.28527-100000@achilles.silby.com>

On Wed, May 10, 2000 at 04:42:54PM -0500, Mike Silbersack wrote:
[snip]
>
> In the long term, perhaps having a central database of all the public keys
> on the system instead of authorized_keys is the correct answer. In the
> meantime, I think some thought should be put to the issue of watching
> root's authorized_keys - if someone can find a way to cause some root
> running daemon (say, mysql) to create an arbitrary authorized_keys, you'd
> never see it happen in the security logs.

Have a look at http://www.dataloss.net/papers/how.defaced.apache.org.txt
to see how real the threat of a root-mysql is ;)

Greetz, Peter.
--
Powered by WUT? - Peter van Dijk [student:sysadmin:developer:madly in love]
| `Yes, this was actually a hack and not      | (petervd@|www.)vuurwerk.nl
| a script kiddie clicking a mouse button.'   | www.dataloss.net
| - hackernews.com, commenting on the apache.org deface
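
The concern quoted in the message above, that a root authorized_keys file created by a daemon never appears in the security logs, can be covered by comparing the file with a saved baseline on each daily run. The script below is an added example, not part of the original message or of FreeBSD's own periodic scripts; the function names, the baseline file and the key strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare an authorized_keys file with a saved baseline.
# Function names and the baseline layout are assumptions of this example.
LC_ALL=C; export LC_ALL   # same collation for sort and comm

# Print the key lines of FILE (no comments, no blank lines), sorted.
# A missing file yields no output, so a newly created file shows as additions.
normalize_keys() {
    [ -f "$1" ] || return 0
    sed -e 's/[[:space:]]*$//' -e '/^[[:space:]]*#/d' -e '/^$/d' "$1" | sort -u
}

# check_authkeys KEYFILE BASELINE
# BASELINE is earlier normalize_keys output; a missing baseline counts as empty.
# Returns 0 if unchanged, 1 if keys were added or removed (report on stdout).
check_authkeys() {
    cur=$(mktemp) || return 2
    old=$(mktemp) || { rm -f "$cur"; return 2; }
    normalize_keys "$1" > "$cur"
    if [ -f "$2" ]; then sort -u "$2" > "$old"; fi
    added=$(comm -13 "$old" "$cur")     # lines only in the current file
    removed=$(comm -23 "$old" "$cur")   # lines only in the baseline
    rm -f "$cur" "$old"
    if [ -z "$added" ] && [ -z "$removed" ]; then return 0; fi
    echo "$1: authorized keys changed"
    if [ -n "$added" ]; then printf '%s\n' "$added" | sed 's/^/+ /'; fi
    if [ -n "$removed" ]; then printf '%s\n' "$removed" | sed 's/^/- /'; fi
    return 1
}

# Demo on constructed data in a scratch directory (the key material is fake).
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' '# admin key' 'ssh-rsa AAAAconstructed1 admin@example' \
        > "$d/authorized_keys"
    normalize_keys "$d/authorized_keys" > "$d/baseline"
    # Stand-in for a key appended by a process running as root, outside any login.
    echo 'ssh-rsa AAAAconstructed2 unknown@example' >> "$d/authorized_keys"
    rc=0
    check_authkeys "$d/authorized_keys" "$d/baseline" || rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || true
```

The baseline has to live where the monitored daemons cannot write, otherwise whatever can create the key file can also rewrite the reference copy.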