Re: crontab reports: ....

To: Bruno Van de Casteele <brunovdc@iname.com>
Cc: debian-user@lists.debian.org
Subject: Re: crontab reports: ....
From: Dave Baker <dsb3@earthlink.net>
Date: Sat, 9 Oct 1999 11:54:41 -0500 (CDT)
Message-id: <[🔎] Pine.LNX.3.96.991009115122.9156B-100000@sundance.eth>
In-reply-to: <[🔎] 034001bf122f$d5d2fb40$0d70430a@puam.dhs.org>

> > /etc/cron.daily/suidmanager:
> > /usr/sbin/sendmail PERMISSION MISMATCH: was root.root 777 changed to root.root
> 4755
> >
> 
> this may sound stupid... but was does this error message means?
> 

This means that suidmanager found a problem with the sendmail executable
and fixed it.

Having permissions of 777 means that ANYONE can read/write/execute the
program.  The problem is in the WRITE portion - anyone with access to your
host can replace (or perhaps already has?) sendmail with their own
version.

Having permissions of 4755 means that group/other only have read and
execute permissions - the leading 4 indicates that the suid bit is set
(program runs under the uid of the owner of the program).


With an error like this popping up in the log file, I'd start checking the
system to see if the security has been compromised....

-dave

--
   |     oOOooO           /  
 --|    oOobodoO        /   dsb3@earthlink.net
 --|     ooOoOo       /    
   |       II       /     The wise man tells you where you have fallen
   |       II     /      and where you may fall - Invaluable secrets.

Reply to:

Follow-Ups:
- Re: crontab reports: ....
  - From: Ben Collins <bcollins@debian.org>

References:
- crontab reports: ....
  - From: "Bruno Van de Casteele" <bruno.vandecasteele@student.kuleuven.ac.be>

Prev by Date: Re: Configure - thank you
Next by Date: Re: crontab reports: ....
Previous by thread: RE: More: Re: crontab reports: ....
Next by thread: Re: crontab reports: ....
Index(es):
- Date
- Thread