Folder rights

transix

Hello

Last week I had some problems on a DA server of mine. I had to move a FreeBSD DA machine 1.24.7 (old owner never upgraded) to CentOS 4.5 with 1.30.2.

The old server contained a website which was being exploited. Normally I secured my machine enough that it can't do any harm: delete the stuff, do some checks, and all is fine after suspending the user that caused it.

This time, when I was searching where they had put their files (normally this is in /tmp), it was in some folders in /usr/local/directadmin/customapache,
for example curl, mhash-0.9.1, libmcrypt-2.5.8.

I never noticed these folders being chmod 777. Is this really necessary?
If not, can this be changed, or can I alter the setperms script? I noticed that after an upgrade it gets the 777 rights back.

I really don't like searching machines for possible folders that people can write to, except for the default ones you really need for a webserver.

Hope anybody can give me some advice.

cheers
 
I checked the contents of some of the tar.gz files, mhash-0.9.1:
Code:
[root@server customapache]# tar tvzf mhash-0.9.1.tar.gz
drwxrwxrwx Jonathan/None     0 2004-04-17 21:02:27 mhash-0.9.1/
...
and to my surprise, that's how they come. Not too thrilled with them packaging them like that. I'll add the code to chmod -R the directories to 755 -R for those packages, as 777 really shouldn't be there.

Thanks for pointing that out.

John
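
An added example (not part of the original posts and not DirectAdmin's own code) of checking for the condition discussed in this thread: source tarballs that ship mode-777 directories, and the world-writable directories they leave behind after extraction. The function names are hypothetical, and it assumes a tar that prints the mode string as the first column of its verbose listing, as in the output quoted above.

```shell
#!/bin/sh
# Added example: audit source tarballs and extracted build trees for
# world-writable entries. Function names are illustrative only.

# List archive members whose mode string has the "other write" bit set
# (9th character of e.g. drwxrwxrwx). Symlinks are skipped because their
# lrwxrwxrwx listing is not a real permission.
tar_world_writable() {
    tar tvzf "$1" | awk 'substr($1,1,1) != "l" && substr($1,9,1) == "w"'
}

# List directories under a tree that are world-writable and lack the
# sticky bit, so /tmp-style 1777 directories are not reported.
tree_world_writable_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print
}

# Remove group/other write from everything under a tree. Unlike a blanket
# "chmod -R 755", this leaves the execute bits of regular files unchanged.
# Symlinks are excluded so chmod never follows one out of the tree.
strip_world_write() {
    find "$1" ! -type l -exec chmod go-w {} +
}

# Typical use on the directory named in this thread:
#   tar_world_writable mhash-0.9.1.tar.gz
#   tree_world_writable_dirs /usr/local/directadmin/customapache
#   strip_world_write /usr/local/directadmin/customapache/mhash-0.9.1
```

Since the 777 modes return after an upgrade re-extracts the packages, the tree check is worth running again after each update.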
 