Results 1 to 4 of 4
  1. #1

    How I fixed my exim....

    How I Fixed My Exim Was Allow Perl Access To Other Users Besides Root

    chmod 755 -R /usr/bin/perl

    Restart Exim

    /scripts/restartsrv_eximstats

    Issue Was Resolved.

    Hope This Helps, I know its a old post but i was havin the same issue and came apoun this post so im sure someone else will.

    <<signatures need to be setup in your profile>>
    Last edited by sirius; 08-28-2007 at 02:39 PM.

  2. #2
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,876
    Quote Originally Posted by xdsinc View Post
    How I Fixed My Exim Was Allow Perl Access To Other Users Besides Root

    chmod 755 -R /usr/bin/perl

    Restart Exim

    /scripts/restartsrv_eximstats

    Issue Was Resolved.

    Hope This Helps, I know its a old post but i was havin the same issue and came apoun this post so im sure someone else will.

    <<signatures need to be setup in your profile>>
    why would your perl binary be locked off from anyone other than root?
    Last edited by sirius; 08-28-2007 at 02:39 PM.

  3. #3
    Well in my Certain Case, Some Guy Keeps Running Perl Scripts out of my Tmp Directory although i secured the tmp directory he keeps uploading and running so i disabled the scripts for all users except root for now.

    Any Ideas?

  4. #4
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    9,072
    Quote Originally Posted by xdsinc View Post
    Well in my Certain Case, Some Guy Keeps Running Perl Scripts out of my Tmp Directory although i secured the tmp directory he keeps uploading and running so i disabled the scripts for all users except root for now.

    Any Ideas?
    Do you have a decent mod_security ruleset in place? Most scripts that are downloaded are done via file inclusion exploits, not all, but most.

    You could also limit access to wget, curl, lynx, fetch, etc... but a decent mod_security ruleset will usually catch the exploit before it has a chance to even download a malicious script.
    RACK911 Labs | Penetration Testing | https://www.RACK911Labs.ca

    www.HostingSecList.com - Security Notices for the Hosting Community.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •