Re: [newbie] Why file privileges changing?
I want to thank everyone for helping with this problem. We ended up creating a new directory in /usr/local, and now msec does not interfere. Kathy Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Why file privileges changing?
Have you started and stopped ftp or any service that uses that directory recently? Hi Everyone, What would be causing the file privileges for group and world to change on a directory? For example, the security on /home/ftp_data changed from drwxrwxrwx to drwxr-xr-x even though no one did a chmod (or anything else) to that directory. Here are the steps that were taken for this directory. Note: We need write privileges for world since we are FTP'ing some data into this file from a CGI script. 1. Log on as root 2. cd /home 3. chmod 777 ftp_data 4. ls -l shows: drwxrwxrwx2 root root 4096 Oct 17 10:07 ftp_data/ 5. Ran the CGI script that ftp's data into ftp_data. 6. After CGI script finishes, did ls -l ftp_data -rw-r--r--1 apache apache 4281 Oct 18 14:20 31789_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 09:37 34389_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 10:07 85592_372474.dat 7. Then did ls -l from /home directory drwxrwxrwx2 root root 4096 Oct 18 14:20 ftp_data/ So, at this point we are able to see that we allowed rwx to all, were able run a CGI script that wrote data into the ftp_data directory, and then showed that the ftp_data directory did not change it's privileges after the CGI script had finished. 7. About 30 minutes later, did another ls -l from /home and got the following: drwxr-xr-x2 root root 4096 Oct 18 14:20 ftp_data/ which shows that group and world have their write privileges turned off. Note: We did not log off from root during this time. We do not have any cron jobs running, so we cannot think of any reason why the security on this directory keeps changing. As an FYI, we have another server running where we had made this same exact security change on /home/ftp_data, and it has never changed it's settings. Thank you, Kathy Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Why file privileges changing?
No, all we have to do is wait about 30 - 45 minutes and it changes back to drwxr-xr-x (automatically?) Kathy --- [EMAIL PROTECTED] wrote: Have you started and stopped ftp or any service that uses that directory recently? Hi Everyone, What would be causing the file privileges for group and world to change on a directory? For example, the security on /home/ftp_data changed from drwxrwxrwx to drwxr-xr-x even though no one did a chmod (or anything else) to that directory. Here are the steps that were taken for this directory. Note: We need write privileges for world since we are FTP'ing some data into this file from a CGI script. 1. Log on as root 2. cd /home 3. chmod 777 ftp_data 4. ls -l shows: drwxrwxrwx2 root root 4096 Oct 17 10:07 ftp_data/ 5. Ran the CGI script that ftp's data into ftp_data. 6. After CGI script finishes, did ls -l ftp_data -rw-r--r--1 apache apache 4281 Oct 18 14:20 31789_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 09:37 34389_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 10:07 85592_372474.dat 7. Then did ls -l from /home directory drwxrwxrwx2 root root 4096 Oct 18 14:20 ftp_data/ So, at this point we are able to see that we allowed rwx to all, were able run a CGI script that wrote data into the ftp_data directory, and then showed that the ftp_data directory did not change it's privileges after the CGI script had finished. 7. About 30 minutes later, did another ls -l from /home and got the following: drwxr-xr-x2 root root 4096 Oct 18 14:20 ftp_data/ which shows that group and world have their write privileges turned off. Note: We did not log off from root during this time. We do not have any cron jobs running, so we cannot think of any reason why the security on this directory keeps changing. As an FYI, we have another server running where we had made this same exact security change on /home/ftp_data, and it has never changed it's settings. Thank you, Kathy --- end of quote --- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Why file privileges changing?
i've seen the same problem. no answer, but i'm thinking it's one of the deamons associated with security levels/permissions/authorizations. possibly msec, since it does run a cron job if installed and running. check ps ax | grep msec as root to verify. --- Original Message --- From: [EMAIL PROTECTED] (Katherine Richmond) To: [EMAIL PROTECTED] Subject: Re: [newbie] Why file privileges changing? No, all we have to do is wait about 30 - 45 minutes and it changes back to drwxr-xr-x (automatically?) Kathy --- [EMAIL PROTECTED] wrote: Have you started and stopped ftp or any service that uses that directory recently? Hi Everyone, What would be causing the file privileges for group and world to change on a directory? For example, the security on /home/ftp_data changed from drwxrwxrwx to drwxr-xr-x even though no one did a chmod (or anything else) to that directory. Here are the steps that were taken for this directory. Note: We need write privileges for world since we are FTP'ing some data into this file from a CGI script. 1. Log on as root 2. cd /home 3. chmod 777 ftp_data 4. ls -l shows: drwxrwxrwx2 root root 4096 Oct 17 10:07 ftp_data/ 5. Ran the CGI script that ftp's data into ftp_data. 6. After CGI script finishes, did ls -l ftp_data -rw-r--r--1 apache apache 4281 Oct 18 14:20 31789_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 09:37 34389_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 10:07 85592_372474.dat 7. Then did ls -l from /home directory drwxrwxrwx2 root root 4096 Oct 18 14:20 ftp_data/ So, at this point we are able to see that we allowed rwx to all, were able run a CGI script that wrote data into the ftp_data directory, and then showed that the ftp_data directory did not change it's privileges after the CGI script had finished. 7. About 30 minutes later, did another ls -l from /home and got the following: drwxr-xr-x2 root root 4096 Oct 18 14:20 ftp_data/ which shows that group and world have their write privileges turned off. Note: We did not log off from root during this time. We do not have any cron jobs running, so we cannot think of any reason why the security on this directory keeps changing. As an FYI, we have another server running where we had made this same exact security change on /home/ftp_data, and it has never changed it's settings. Thank you, Kathy --- end of quote --- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Why file privileges changing?
The cron.hourly directory has a pointer to the msec daemon(msec - /usr/sbin/msec). If we remove the pointer, would that cause security problems? Kathy --- [EMAIL PROTECTED] wrote: i've seen the same problem. no answer, but i'm thinking it's one of the deamons associated with security levels/permissions/authorizations. possibly msec, since it does run a cron job if installed and running. check ps ax | grep msec as root to verify. --- Original Message --- From: [EMAIL PROTECTED] (Katherine Richmond) To: [EMAIL PROTECTED] Subject: Re: [newbie] Why file privileges changing? No, all we have to do is wait about 30 - 45 minutes and it changes back to drwxr-xr-x (automatically?) Kathy --- [EMAIL PROTECTED] wrote: Have you started and stopped ftp or any service that uses that directory recently? Hi Everyone, What would be causing the file privileges for group and world to change on a directory? For example, the security on /home/ftp_data changed from drwxrwxrwx to drwxr-xr-x even though no one did a chmod (or anything else) to that directory. Here are the steps that were taken for this directory. Note: We need write privileges for world since we are FTP'ing some data into this file from a CGI script. 1. Log on as root 2. cd /home 3. chmod 777 ftp_data 4. ls -l shows: drwxrwxrwx2 root root 4096 Oct 17 10:07 ftp_data/ 5. Ran the CGI script that ftp's data into ftp_data. 6. After CGI script finishes, did ls -l ftp_data -rw-r--r--1 apache apache 4281 Oct 18 14:20 31789_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 09:37 34389_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 10:07 85592_372474.dat 7. Then did ls -l from /home directory drwxrwxrwx2 root root 4096 Oct 18 14:20 ftp_data/ So, at this point we are able to see that we allowed rwx to all, were able run a CGI script that wrote data into the ftp_data directory, and then showed that the ftp_data directory did not change it's privileges after the CGI script had finished. 7. About 30 minutes later, did another ls -l from /home and got the following: drwxr-xr-x2 root root 4096 Oct 18 14:20 ftp_data/ which shows that group and world have their write privileges turned off. Note: We did not log off from root during this time. We do not have any cron jobs running, so we cannot think of any reason why the security on this directory keeps changing. As an FYI, we have another server running where we had made this same exact security change on /home/ftp_data, and it has never changed it's settings. Thank you, Kathy --- end of quote --- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Why file privileges changing?
i don't know, honestly. you might try commenting that out, see what happens. also, perhaps run msec to change the security to a lower level and see what results you get. either allows for a quick recovery if necessary, i would think. --- Original Message --- From: [EMAIL PROTECTED] (Katherine Richmond) To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [newbie] Why file privileges changing? The cron.hourly directory has a pointer to the msec daemon(msec - /usr/sbin/msec). If we remove the pointer, would that cause security problems? Kathy --- [EMAIL PROTECTED] wrote: i've seen the same problem. no answer, but i'm thinking it's one of the deamons associated with security levels/permissions/authorizations. possibly msec, since it does run a cron job if installed and running. check ps ax | grep msec as root to verify. --- Original Message --- From: [EMAIL PROTECTED] (Katherine Richmond) To: [EMAIL PROTECTED] Subject: Re: [newbie] Why file privileges changing? No, all we have to do is wait about 30 - 45 minutes and it changes back to drwxr-xr-x (automatically?) Kathy --- [EMAIL PROTECTED] wrote: Have you started and stopped ftp or any service that uses that directory recently? Hi Everyone, What would be causing the file privileges for group and world to change on a directory? For example, the security on /home/ftp_data changed from drwxrwxrwx to drwxr-xr-x even though no one did a chmod (or anything else) to that directory. Here are the steps that were taken for this directory. Note: We need write privileges for world since we are FTP'ing some data into this file from a CGI script. 1. Log on as root 2. cd /home 3. chmod 777 ftp_data 4. ls -l shows: drwxrwxrwx2 root root 4096 Oct 17 10:07 ftp_data/ 5. Ran the CGI script that ftp's data into ftp_data. 6. After CGI script finishes, did ls -l ftp_data -rw-r--r--1 apache apache 4281 Oct 18 14:20 31789_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 09:37 34389_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 10:07 85592_372474.dat 7. Then did ls -l from /home directory drwxrwxrwx2 root root 4096 Oct 18 14:20 ftp_data/ So, at this point we are able to see that we allowed rwx to all, were able run a CGI script that wrote data into the ftp_data directory, and then showed that the ftp_data directory did not change it's privileges after the CGI script had finished. 7. About 30 minutes later, did another ls -l from /home and got the following: drwxr-xr-x2 root root 4096 Oct 18 14:20 ftp_data/ which shows that group and world have their write privileges turned off. Note: We did not log off from root during this time. We do not have any cron jobs running, so we cannot think of any reason why the security on this directory keeps changing. As an FYI, we have another server running where we had made this same exact security change on /home/ftp_data, and it has never changed it's settings. Thank you, Kathy --- end of quote --- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [newbie] Why file privileges changing?
Title: RE: [newbie] Why file privileges changing? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Monday, October 28, 2002 9:31 AM To: [EMAIL PROTECTED] Subject: Re: [newbie] Why file privileges changing? i've seen the same problem. no answer, but i'm thinking it's one of the deamons associated with security levels/permissions/authorizations. possibly msec, since it does run a cron job if installed and running. check ps ax | grep msec as root to verify. --- Original Message --- From: [EMAIL PROTECTED] (Katherine Richmond) To: [EMAIL PROTECTED] Subject: Re: [newbie] Why file privileges changing? No, all we have to do is wait about 30 - 45 minutes and it changes back to drwxr-xr-x (automatically?) Kathy --- [EMAIL PROTECTED] wrote: Have you started and stopped ftp or any service that uses that directory recently? Hi Everyone, What would be causing the file privileges for group and world to change on a directory? For example, the security on /home/ftp_data changed from drwxrwxrwx to drwxr-xr-x even though no one did a chmod (or anything else) to that directory. Here are the steps that were taken for this directory. Note: We need write privileges for world since we are FTP'ing some data into this file from a CGI script. 1. Log on as root 2. cd /home 3. chmod 777 ftp_data 4. ls -l shows: drwxrwxrwx 2 root root 4096 Oct 17 10:07 ftp_data/ 5. Ran the CGI script that ftp's data into ftp_data. 6. After CGI script finishes, did ls -l ftp_data -rw-r--r-- 1 apache apache 4281 Oct 18 14:20 31789_372474.dat -rw-r--r-- 1 apache apache 4281 Oct 17 09:37 34389_372474.dat -rw-r--r-- 1 apache apache 4281 Oct 17 10:07 85592_372474.dat 7. Then did ls -l from /home directory drwxrwxrwx 2 root root 4096 Oct 18 14:20 ftp_data/ So, at this point we are able to see that we allowed rwx to all, were able run a CGI script that wrote data into the ftp_data directory, and then showed that the ftp_data directory did not change it's privileges after the CGI script had finished. 7. About 30 minutes later, did another ls -l from /home and got the following: drwxr-xr-x 2 root root 4096 Oct 18 14:20 ftp_data/ which shows that group and world have their write privileges turned off. Note: We did not log off from root during this time. We do not have any cron jobs running, so we cannot think of any reason why the security on this directory keeps changing. As an FYI, we have another server running where we had made this same exact security change on /home/ftp_data, and it has never changed it's settings. Thank you, Kathy --- end of quote --- I saw this on the list before, and it was due to security set to high or at least above standard. Could be the problem. HTH Dennis M.
RE: [newbie] Why file privileges changing?
Can you tell me how to set the security to normal. Thanks, Kathy --- [EMAIL PROTECTED] wrote: I saw this on the list before, and it was due to security set to high or at least above standard. Could be the problem. HTH Dennis M. --- end of quote --- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [newbie] Why file privileges changing?
man msec should give you the details. --- Original Message --- From: [EMAIL PROTECTED] (Katherine Richmond) To: [EMAIL PROTECTED] Subject: RE: [newbie] Why file privileges changing? Can you tell me how to set the security to normal. Thanks, Kathy --- [EMAIL PROTECTED] wrote: I saw this on the list before, and it was due to security set to high or at least above standard. Could be the problem. HTH Dennis M. --- end of quote --- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Why file privileges changing?
Actually, msec is a set of script, not a daemon. One thing it does is set up periodic checks over file permissions, which can be overridden. Try adding to /etc/security/msec/perm.local an entry with the directories you don't want to be changed. Here's a link with some more explanation: http://www.mandrakesecure.net/en/docs/msec.php good luck, raffaele [EMAIL PROTECTED] wrote: This is a multi-part message in MIME format... =_1035820266-26991-4268 The cron.hourly directory has a pointer to the msec daemon(msec - /usr/sbin/msec). If we remove the pointer, would that cause security problems? Kathy --- [EMAIL PROTECTED] wrote: i've seen the same problem. no answer, but i'm thinking it's one of the deamons associated with security levels/permissions/authorizations. possibly msec, since it does run a cron job if installed and running. check ps ax | grep msec as root to verify. --- Original Message --- From: [EMAIL PROTECTED] (Katherine Richmond) To: [EMAIL PROTECTED] Subject: Re: [newbie] Why file privileges changing? No, all we have to do is wait about 30 - 45 minutes and it changes back to drwxr-xr-x (automatically?) Kathy --- [EMAIL PROTECTED] wrote: Have you started and stopped ftp or any service that uses that directory recently? Hi Everyone, What would be causing the file privileges for group and world to change on a directory? For example, the security on /home/ftp_data changed from drwxrwxrwx to drwxr-xr-x even though no one did a chmod (or anything else) to that directory. Here are the steps that were taken for this directory. Note: We need write privileges for world since we are FTP'ing some data into this file from a CGI script. 1. Log on as root 2. cd /home 3. chmod 777 ftp_data 4. ls -l shows: drwxrwxrwx2 root root 4096 Oct 17 10:07 ftp_data/ 5. Ran the CGI script that ftp's data into ftp_data. 6. After CGI script finishes, did ls -l ftp_data -rw-r--r--1 apache apache 4281 Oct 18 14:20 31789_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 09:37 34389_372474.dat -rw-r--r--1 apache apache 4281 Oct 17 10:07 85592_372474.dat 7. Then did ls -l from /home directory drwxrwxrwx2 root root 4096 Oct 18 14:20 ftp_data/ So, at this point we are able to see that we allowed rwx to all, were able run a CGI script that wrote data into the ftp_data directory, and then showed that the ftp_data directory did not change it's privileges after the CGI script had finished. 7. About 30 minutes later, did another ls -l from /home and got the following: drwxr-xr-x2 root root 4096 Oct 18 14:20 ftp_data/ which shows that group and world have their write privileges turned off. Note: We did not log off from root during this time. We do not have any cron jobs running, so we cannot think of any reason why the security on this directory keeps changing. As an FYI, we have another server running where we had made this same exact security change on /home/ftp_data, and it has never changed it's settings. Thank you, Kathy --- end of quote --- =_1035820266-26991-4268 Content-Type: text/plain; name=message.footer Content-Disposition: inline; filename=message.footer Content-Transfer-Encoding: 8bit Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com =_1035820266-26991-4268-- . -- Raffaele BELARDI ST Microelectronics TPA Telecom-Networks WLANBU Via C.Olivetti 2 I-20041 Agrate Brianza (Mi) - Italy phone +39.039.603.7342 fax +39.039.603.6270 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com