A little ninja suggested that I post this to the list as well (originally in the pdc forums):
Over the years I've seen a number of really bad configuration settings that can lead to compromise or unwanted information disclosure on *nix systems. Amongst these a common issue is configuration of NFS for easy of doing everything. The setting I'm talking about is found in the /etc/exports file and may appear something like: /home 192.168.0.*(rw,no_root_squash,insecure) This leads to giving full write access as root the everything in the /home directory to every IP address in the 192.168.0.0/24 subnet able to connect to the system via NFS. I'd like to know what poor configuration settings have others run across on *nix systems that are done for convenience and/or lack of knowledge concerning the settings found in these files. _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
