[techtalk] bizarre....
Nils Philippsen
nils at wombat.dialup.fht-esslingen.de
Mon Dec 13 13:59:10 EST 1999
On Sun, 12 Dec 1999, Cynthia Dale wrote:
> 2. If your are running Red Hat Linux, run rpm -Va >rpmlist and check that
> out for a few things:
> MD5 sums
> missing files
> added files
You won't catch added files with rpm -Va -- they're just not in the
database, so they won't get checked. You might want to find setuid/setgid
binaries with 'find / -perm +6000' and ensure that they're ok:
find / -perm +6000 > /tmp/suidfiles
rpm -qf `cat /tmp/suidfiles` 2>/tmp/nopkgsuid | sort | uniq >/tmp/suidpkgs
In /tmp/nopkgsuid you'll find the files that are suid and don't belong to
a package (check those carefully). With 'rpm -V `cat /tmp/suidpkgs`' you
can verify the packages that hold suid files.
> If you're not running Red Hat, it will be a little more difficult. Check
If you're not running a distro with RPM ... (almost anything except
Slackware, Debian, Corel (Debian derivative) and Stampede IIRC).
Nils
--
Nils Philippsen / Berliner Straße 39 / D-71229 Leonberg // +49.7152.209647
nils at wombat.dialup.fht-esslingen.de / nils at fht-esslingen.de / nils at redhat.de
The use of COBOL cripples the mind; its teaching should, therefore, be
regarded as a criminal offence. -- Edsger W. Dijkstra
************
techtalk at linuxchix.org http://www.linuxchix.org
More information about the Techtalk
mailing list