[CentOS] an actual hacked machine, in a preserved state
email builder
emailbuilder88 at yahoo.comFri Jan 6 04:13:52 UTC 2012
- Previous message: [CentOS] an actual hacked machine, in a preserved state
- Next message: [CentOS] an actual hacked machine, in a preserved state
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> 1.) Attacker uses apache remote exploit (or other means) to obtain > your /etc/shadow file (not a remote shell, just GET the file > without that fact being logged); I don't mean to thread-hijack, but I'm curious, if apache runs as its own non-root user and /etc/shadow is root-owned and 0400, then how could any exploit of software not running as root ever have access to that file??
- Previous message: [CentOS] an actual hacked machine, in a preserved state
- Next message: [CentOS] an actual hacked machine, in a preserved state
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list