Re: disabling "rogue" login hooks on [bsd type ] apple mac os x snow leopard-problem

[Marcin R <kaktus9news () gmail com>]

thanks, i'll certainly try this, but in case i will be unable to
locate the thing, maybe i wasn't totally clear -  either. what i want
to achieve is to purge logon exec sequence to it's default state-os x
does this by default but the -pf parameter sent to login process
overrides this default behavior what i'm trying to cancel this but i'm
unable to because the said control file is not in the location where
it was just  a month ago. i was wondering if there was some hidden [or
not hidden ] unix command that would force process control prefs back
to it's stock defaults.

Marcin R.

2011/5/5 Larry Offley <offley () gmail com>:
> I might not have been clear don't grep for the file but grep for the command
> that is opening the ports perhaps max OS in all its glory has renamed or
> consildated the file somehow so it isn't "there" anymore and has a new name
> or has been appended to another file . That kind of thing.
>
> Otherwise you could have some file corruption that is hiding the file from
> you but the system can see it to execute it.  It might be better to backup
> and reinstall.
>
> You could also grep the /dev/<hardrive_partion> for the command that is
> opening the ports
>
> Larry Offley
>
> On 5/4/2011 1:53 AM, Marcin R wrote:
> > i've grepped whole disk dir as root and just nothin
> >
> > 2011/5/4 Larry Offley<offley () gmail com>:
> > > Have you tried booting off another OS X install mounting the drive and
> > > editing it from there. perhaps using grep to find the file containing the
> > > command that opens those ports perhaps it just isn't where you are
> > > expecting
> > > it.
> > >
> > > Larry Offley
> > >
> > >
> > > On 5/3/2011 2:44 AM, Marcin R wrote:
> > > > hello group,
> > > > i have a question regarding deactivation of login hooks on Mac os X
> > > > 10.6 snow leo
> > > > some time ago i've written some debug script for my OS X root account
> > > > -now after fixing disc permissions the script has reactivated ad gone
> > > > rogue [disapeared from it's directory so i'm unable to delete]
> > > > when i login to Terminal i get
> > > > $ ps
> > > > ....other processes
> > > > login Marcin
> > > > when i type sudo su -
> > > > *password here*
> > > > i get the unwanted script execution
> > > > ps shows
> > > > login -pf Marcin
> > > > as a login process and i'm stuck cos only way i know of turning off
> > > > login hook is deleting the script from disk the com.apple.preferences
> > > > file with the dir pasted [apple's advice on creating login hooks] is
> > > > entirely non-present in given location
> > > > as this script opens few ports for net debug it poses sec threat and i
> > > > really desperately need to turn that login hook off
> > > > please advise and thanks in advice
> > > >
> > > > take care
> > > >
> > > > Marcin R.
> > > >
> > > > ------------------------------------------------------------------------
> > > > Securing Apache Web Server with thawte Digital Certificate
> > > > In this guide we examine the importance of Apache-SSL and who needs an
> > > > SSL
> > > > certificate.  We look at how SSL works, how it benefits your company and
> > > > how
> > > > your customers can tell if a site is secure. You will find out how to
> > > > test,
> > > > purchase, install and use a thawte Digital Certificate on your Apache
> > > > web
> > > > server. Throughout, best practices for set-up are highlighted to help
> > > > you
> > > > ensure efficient ongoing management of your encryption keys and digital
> > > > certificates.
> > > >
> > > >
> > > >
> > > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > > > ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------