Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: Correction: CPSN 9:971208: Solaris /var Permission Problems

Re: Correction: CPSN 9:971208: Solaris /var Permission Problems

From: Tom Perrine <tep_at_SDSC.EDU>
Date: Tue, 13 Jan 1998 14:48:15 -0800

>>>>> The moving finger of Randy Mikesell, having written:

    Randy> Be careful on what you suggest. The last I heard, even Sun does not
    Randy> recommend that you run ASET in high. I know of more than one box that
    Randy> was trashed because the SA set ASET to high. It is a long and painfull
    Randy> process to restore the system after ASET is finished with it. It may be
    Randy> better to keep up on the patches and run scripts or other tools to keep
    Randy> track of the permissions.

I highly recommend cfengine (GNU software) to set
owner/group/permissions for such things. We've been using cfengine to
"repair" vendor file permissions for over a year, as well as install
all kinds of extra software, such as Kerberos, SSH, logdaemon,
tcp_wrappers, etc.

A find followed by a cfengine run is a good idea. Letting cfengine
run every morning and at every re-boot is a Great Idea. A
self-healing installation. 

--
Tom E. Perrine (tep_at_SDSC.EDU) | San Diego Supercomputer Center
http://www.sdsc.edu/~tep/     | Voice: +1.619.534.5000
I miss my 36-bit friends: Multics, TOPS-10, and TOPS-20.
Received on Jan 13 1998
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos