Date: Mon, 10 Jan 2000 01:08:03 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: audit@freebsd.org Subject: Simple task Message-ID: <Pine.BSF.4.21.0001100104190.85117-100000@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
Here's something simple you guys can do: install /usr/ports/security/l0pht-watch and run it constantly for a few days, and look at what it picks up. There are lots of insecurely-named tempfiles created by FreeBSD utilities and ports, even ones which otherwise create the files atomically (using 6 Xs in mkstemp() isn't very secure, since 5 of those are usually taken up by the PID, which is fairly easy to predict). Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0001100104190.85117-100000>