Ack! I've been rooted...
Tim
ignored_mailbox at yahoo.com.au
Fri Feb 2 09:42:54 UTC 2007
On Fri, 2007-02-02 at 09:27 +0000, Alan wrote:
> Also check any scripts before restoring. You may find a user or
> root .login/.profile or similar in the /home area people habitually
> restore without checking contains hooks to reinstall any trojans. If
> you are paranoid remove the execute bits from everything you restore
> too.
It should probably go without saying, that things like /home, /var,
and /tmp are best mounted in a noexec mode, as well. It makes it harder
for something to get its foot in the door.
--
(Currently testing FC5, but still running FC4, if that's important.)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the users
mailing list