Re: chkrootkit has me worried!

2005-11-28 Thread kevin bailey
and.. :/usr/local/sbin# /usr/lib/chkrootkit/chkproc -v PID 4: not in ps output PID 1769: not in ps output PID 15688: not in ps output PID 15690: not in ps output PID 17760: not in ps output PID 17762: not in ps output PID 21583: not in ps output PID 21585: not in ps output PID 21919: not in p

chkrootkit has me worried!

2005-11-28 Thread kevin bailey
hi, the following output looks like i've been rooted. i'm in the process of moving all services to another machine and restoring from backups etc. could anyone provide any analysis of what attack caused the problem - i would guess that it's possibly something o do with zope. thanks, kev :/usr

Re: What is a security bug?

2005-11-28 Thread Jochen Striepe
Hi, On 29 Nov 2005, Florian Weimer wrote: > * Jochen Striepe: > > On 28 Nov 2005, Michelle Konzack wrote: > >> If you allow to run apps as different user on the > >> same desktop, you pick security holes in your system. > > > > Please explain that, I don't understand at all. > > Trusted X app

Re: What is a security bug?

2005-11-28 Thread Florian Weimer
* Jochen Striepe: > Hi, > > On 28 Nov 2005, Michelle Konzack wrote: >> If you allow to run apps as different user on the >> same desktop, you pick security holes in your system. > > Please explain that, I don't understand at all. Trusted X applications ("trusted" in the sense that they are no

Re: What is a security bug?

2005-11-28 Thread Florian Weimer
* Michelle Konzack: > If you allow to run apps as different user on the > same desktop, you pick security holes in your system. In theory, the X security extension could prevent that. However, I have doubts that it offers significant protection because it is not really on the radar screen (even

Re: What is a security bug?

2005-11-28 Thread Jochen Striepe
Hi, On 28 Nov 2005, Michelle Konzack wrote: > If you allow to run apps as different user on the > same desktop, you pick security holes in your system. Please explain that, I don't understand at all. Curious, Jochen. -- "Right now I'm having amnesia and deja vu at the same time."

Re: What is a security bug?

2005-11-28 Thread Rolf Kutz
* Quoting Michelle Konzack ([EMAIL PROTECTED]): > Am 2005-11-25 14:34:24, schrieb Rolf Kutz: > > > It is possible, either as different users or with > > If you allow to run apps as different user on the > same desktop, you pick security holes in your system. Yes, but it would also solve some.

Re: What is a security bug?

2005-11-28 Thread Michelle Konzack
Am 2005-11-25 14:34:24, schrieb Rolf Kutz: > It is possible, either as different users or with If you allow to run apps as different user on the same desktop, you pick security holes in your system. > different profiles (mozilla profile manager). You I know, but this mean, I need to maintain tw