SCO OpenServer & filePro permissions
Bill Campbell
bill at celestial.com
Mon Oct 11 17:18:03 PDT 2010
On Mon, Oct 11, 2010, scooter6 at gmail.com wrote:
>So does it matter what I set filepro's password to? I never knew it got
>installed with a password, much less a password that expires??
>Strange......
Users without passwords or with weak passwords that have login shells,
(e.g. /bin/sh, /bin/bash, etc.) are frequently used by crackers to gain
shell access to systems where they can then exploit vulnerabilities to gain
root access. I probably see a half-dozen of this type of crack every year
where the cracker gained access through poorly designed web tools such as
webmin's usermin, or via php exploits of user's personal web pages in the
$HOME/public_html directories.
Bill
--
INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice: (206) 236-1676 Mercer Island, WA 98040-0820
Fax: (206) 232-9186 Skype: jwccsllc (206) 855-5792
Liberals love to say things like, 'We're just asking everyone to pay
their fair share.' But government is not about asking. It is about telling.
The difference is fundamental. It is the difference between making love and
being raped, between working for a living and being a slave.
Dr. Thomas Sowell, Forbes, July 1994
More information about the Filepro-list
mailing list