 Questions and
Answers
Amy Rich
Q I'm running Solaris 8 on an E420R. Looking
through process listings, I note that sometimes ps runs as root, and sometimes
it runs as a normal user. My own ps process is always run by me, so I'm wondering
if these other users have somehow cracked root or something. I took a look at
both /usr/bin/ps and /usr/ucb/ps just to make sure that one of them was not
SUID root, and neither is:
-r-xr-xr-x 39 root bin 5256 Jan 5 2000 /usr/bin/ps
-r-xr-xr-x 39 root bin 5256 Jan 5 2000 /usr/ucb/ps
I also looked at the checksums on both ps binaries to make sure that they match
what came off the install media (to verify that neither was trojaned). Everything
checks out ok, so I'm wondering if there's another copy of ps floating around
somewhere or something more insidious.
A If you're running Solaris 8, /usr/ucb/ps
is just a wrapper that calls the appropriate version of ps based on the version
of SPARC hardware. If you look at /usr/ucb/sparcv7 and/or /usr/ucb/sparcv9,
you'll see that the ps binary contained within is SUID root. This is not to
say that you haven't been cracked, but if this is your only indication, then
most likely you don't have anything to worry about.
Q Since Verisign has put in wildcard records
for .com and .net, a bunch of our spam filtering has broken. How can I fix things
and ignore their bogus wildcard entry?
A Various DNS software developers have put
out patches to their software to ignore the wildcard redirect. If you're running
BIND, you can install 9.2.2-P3 and use delegation-only for .com and .net:
zone "com" { type delegation-only; };
zone "net" { type delegation-only; };
You can also install BIND 9.2
|
