[hobbit] RE: [BULK] RE: [hobbit] Newbie Issues

Thomas Krieger tom at tom-krieger.de
Thu Apr 2 07:42:36 CEST 2009


Am Do April 2 2009 schrieb Josh Luthman:
> CentOS' sendmail config works out of the box for each of my Hobbit servers.
>
> >Which fping returns "/usr/local/sbin/fping"
> >Ls -l `which fping` returns (-rwsr-xr-x 1 root root 73958 Sep 22 2004
> > /usr/local/sbin/fping)
> >
> >Is this what you thought??
>
> Type chmod o+w /usr/sbin/fping then watch your conn tests work.

what should this be good for? If the fping binary is world writeable anyone 
can replace the binary with a different one executed automatically by hobbit. 
In my opinion a security hole. As you can see above the fping binary has 
already an execute bit for "other". This should be sufficient to execute the 
binary by the hobbit user.

Regrads

Thomas



More information about the Xymon mailing list