Berkeley CSUA MOTD:Entry 17349
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2026/05/20 [General] UID:1000 Activity:popular
5/20    

2000/1/27-28 [Computer/SW/OS/FreeBSD, Computer/SW/Security] UID:17349 Activity:high
1/26    Are the security benefits of mounting /usr partition in read-only
        mode worth the trouble of rebooting your server whenever you install
        OS patches or updates?  -sysadm
                \- this isnt worth doing ... at least not on solaris.
                spend a little more energy on keeping md5 checksums --psb
                \_ an ounce of prevention is wourth a pound of
                  "AAAa! We've been hacked, FIX IT!"
        \_ Depends on your needs.  Extra security vs convenience. In general,
           I'd say don't do stuff like this unless you're sure you need to.
           That you have to ask says you probably don't need it.
        \_ Most of the time you have to reboot after installing OS patches &
           updates anyway.
           \_ Ok I will modify my question. What about simple and yet
              important updates that DON'T require a reboot. I'd rather
              restrart a service than reboot. -sysadm
      \_   what's going to stop some cracker from just remounting /usr r/w,
        changing stuff, and then having a ball ?   I dont see
        any benefit in the world of mounts with -o remount or -u (bsd)  -ERic
                \_ The only security benfit is to block script kiddies.
                    Crackers with half a clue can get right past it.
        \_ You NEED TO BE ROOT to remount. the whole point is to make it
           more difficult for them to get it
        \_ Eye 0wn3d y00!111
2026/05/20 [General] UID:1000 Activity:popular
5/20    

You may also be interested in these entries...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/9/20-11/7 [Computer/SW/Unix, Finance/Investment] UID:54482 Activity:nil
9/20    How do I change my shell? chsh says "Cannot change ID to root."
        \_ /usr/bin/chsh does not have the SUID permission set. Without
           being set, it does not successfully change a user's shell.
           Typical newbie sys admin (on soda)
           \_ Actually, it does: -rwsr-xr-x 1 root root 37552 Feb 15  2011 /usr/bin/chsh
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil
7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...
2012/5/8-6/4 [Computer/SW/Unix] UID:54383 Activity:nil
5/8     Hello everyone!  This is Josh Hawn, CSUA Tech VP for Spring 2012.
        About 2 weeks ago, someone brought to my attention that our script
        to periodically merge /etc/motd.public into /etc/motd wasn't
        running.  When I looked into it, the cron daemon was running, but
        there hadn't been any root activity in the log since April 7th.  I
        looked into it for a while, but got lost in other things I was
	...