[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: squid proxy authentication.



ok, thanks,
I put my shadow file on even odder place.

Alon

Ariel Biener wrote:
> 
> On Tue, 17 Jul 2001, Oded Arbel wrote:
> 
> > Security wise , isn't this the same thing ?
> 
> No... Usually `sploit sc33ptz are looking for known things, like
> /etc/shadow for example. If you put a file in /usr/local/squid/etc, owned
> and readable by squid only, no exploit script knows it's there.
> 
> If someone has physical access to your machine, but doesn't have root,
> again, he/she will be able to read a world readable /etc/shadow, but not a
> squid owned and squid readable /usr/local/squid/etc/passwd
> 
> ..
> 
> --Ariel
> 
> --
> Ariel Biener
> e-mail: ariel@post.tau.ac.il
> PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html
> 
> =================================================================
> To unsubscribe, send mail to linux-il-request@linux.org.il with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail linux-il-request@linux.org.il

=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il