According to edwin lin:
> I have ftped htdig to my home directory /export/home/edwin, unziped and
> untared the package. Then, I moved the htdig to /opt/htdig and did the
> installation. Then, I rundig to index the website. Everything works fine
> until last Thursday. All of these files and directories gone except the
> pages were indexed. Also gone were the directories of users under
> /export/home, and those under /opt. In other words, if I cd /export/home, or
> /opt, and ls -lt, the outcome is 0.
...
> The htdig version I used is 3.1.5.
Sounds like some pretty heavy damage, but it's not clear to me whether
this is the work of a hacker, or just an accident (e.g. a command script
that went haywire and deleted things it was never supposed to, or user
error somewhere), or even a bad disk causing parts of some key directories
to disappear (have you tried running fsck on it?). If you can enlist the
help of someone who knows your operating system, maybe you can track down
some clues as to the cause of this, if all clues have not been erased in
the process. This problem is way outside the scope of this mailing list.
It seems extremely unlikely that this bears any relation to your running
htdig on this system. I just can't imagine how htdig could cause anything
like this.
The only possibility I can see that would involve htdig in this is if
you use external_parsers, you dig sites that you cannot trust, and a
malicious user at one of these sites, who knows something about your
configuration and about a very obscure little hole remaining in 3.1.5,
sets up a series of pages on his site with some very craftily formed
URLs that would trick htdig into running commands on your system that the
malicious user fed to it. This is highly unlikely. There are no known
exploits that do this, and I can't even say for sure that it would be
possible to do this. I do know that if you don't use external_parsers,
or if you only dig your own web pages, this hole cannot be exploited.
If anyone is concerned, there is a patch that plugs this hole:
ftp://ftp.ccsf.org/htdig-patches/3.1.5/ExternalParser.2
--
Gilles R. Detillieux E-mail: <[EMAIL PROTECTED]>
Spinal Cord Research Centre WWW: http://www.scrc.umanitoba.ca/~grdetil
Dept. Physiology, U. of Manitoba Phone: (204)789-3766
Winnipeg, MB R3E 3J7 (Canada) Fax: (204)789-3930
_______________________________________________
htdig-general mailing list <[EMAIL PROTECTED]>
To unsubscribe, send a message to <[EMAIL PROTECTED]> with a
subject of unsubscribe
FAQ: http://htdig.sourceforge.net/FAQ.html
