PaulDotCom mailing list archives
Worst setting(s) in /etc
From: nberthaume at gmail.com (Nicholas B.)
Date: Wed, 3 Jun 2009 15:02:05 -0400
A little ninja suggested that I post this to the list as well (originally in the pdc forums): Over the years I've seen a number of really bad configuration settings that can lead to compromise or unwanted information disclosure on *nix systems. Amongst these a common issue is configuration of NFS for easy of doing everything. The setting I'm talking about is found in the /etc/exports file and may appear something like: /home 192.168.0.*(rw,no_root_squash,insecure) This leads to giving full write access as root the everything in the /home directory to every IP address in the 192.168.0.0/24 subnet able to connect to the system via NFS. I'd like to know what poor configuration settings have others run across on *nix systems that are done for convenience and/or lack of knowledge concerning the settings found in these files.
Current thread:
- Worst setting(s) in /etc Nicholas B. (Jun 03)
- <Possible follow-ups>
- Worst setting(s) in /etc d4ncingd4n at gmail.com (Jun 03)
- Worst setting(s) in /etc David A. Gershman (Jun 03)