Date: Tue, 12 Jan 2016 19:06:06 -0500 From: "David W. Hodgins" <davidwhodgins@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Discuss: Daily/weekly cron jobs best practices On Mon, 11 Jan 2016 05:25:11 -0500, Tim Brown <tmb@...35.com> wrote: > Not uncommon, we pop almost every UNIX box we touch this way, I assume you've > seen unix-privesc-check? Tried it. Too much output to be of any use. With complaints like I: [group_writable] /home/dave/home/dave/.gnupg/pubring.gpg is owned by user dave (group dave) and is group-writable (-rwxrwx---) W: [setgid] /usr/lib64/kde4/libexec/kdesud is setgid (root, nogroup): -rwxr-sr-x W: [setuid] /usr/bin/su is setuid (root, root): -rwsr-xr-x With 152149 lines going to stdout on my system, a quick skim of the output doesn't show anything useful. I don't see anything in the output that it's complaining about, that isn't as it should be. Regards, Dave Hodgins
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.