[hobbit] RE: [BULK] RE: [hobbit] Newbie Issues
Thomas Krieger
tom at tom-krieger.de
Thu Apr 2 07:42:36 CEST 2009
Am Do April 2 2009 schrieb Josh Luthman:
> CentOS' sendmail config works out of the box for each of my Hobbit servers.
>
> >Which fping returns "/usr/local/sbin/fping"
> >Ls -l `which fping` returns (-rwsr-xr-x 1 root root 73958 Sep 22 2004
> > /usr/local/sbin/fping)
> >
> >Is this what you thought??
>
> Type chmod o+w /usr/sbin/fping then watch your conn tests work.
what should this be good for? If the fping binary is world writeable anyone
can replace the binary with a different one executed automatically by hobbit.
In my opinion a security hole. As you can see above the fping binary has
already an execute bit for "other". This should be sufficient to execute the
binary by the hobbit user.
Regrads
Thomas
More information about the Xymon
mailing list