-
February 8th, 2010, 10:09 PM
#1
Junior Member
Is my ROOT jacked?
Hello all,
I have a strange situation I would like to recount and get some input on.
The short version is that when I run the TAR command with -xvf as root
the extracted files show up in a directory owned by a different user and a
numerical group (500 to be exact). When I attempt to CD into the directory
the system tells me that the directory does not exist. After I chown the dir back to root and chgrp it out of 500 land, I can access the directory just fine.
I have checked the .bash_profile and disconnected the server from ldap using authconfig (this is CENTOS 4 btw) and the problem still persists... This is making me think that something is subverting commands created by root and executing them as another user... how can this be done? I was always under the impression that root is root and no one else.
If I need to post any config files or logs let me know.
Similar Threads
-
By nancy in forum Newbie Security Questions
Replies: 19
Last Post: December 11th, 2008, 08:39 AM
-
By thehorse13 in forum *nix Security Discussions
Replies: 15
Last Post: May 15th, 2003, 12:14 PM
-
By instronics in forum The Security Tutorials Forum
Replies: 0
Last Post: January 19th, 2003, 01:53 PM
-
By R0n1n in forum *nix Security Discussions
Replies: 3
Last Post: November 20th, 2002, 02:20 PM
-
By Nitro in forum The Security Tutorials Forum
Replies: 2
Last Post: July 3rd, 2002, 06:37 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|