[WBEL-devel] re: 2nd RC coming?
Johnny Hughes
mailing-lists@hughesjr.com
Wed, 26 Nov 2003 09:50:15 -0600
Not true .... the file that gets run .... /usr/sbin/sa needs a text file
at /usr/lib64/sa/sa1 or sa2 ...
the text files and directory are world writable ... the process is not.
On Wed, 2003-11-26 at 08:21, David E. Cox wrote:
> On Tue, 2003-11-25 at 13:28, Johnny Hughes wrote:
> > A work around that prevents the root mailbox from filling up is this
> > (as root):
> >
> > mkdir /usr/lib64
> > mkdir /usr/lib64/sa
> > touch /usr/lib64/sa1
> > touch /usr/lib64/sa2
> > chmod -R 777 /usr/lib64
> >
> > Johnny Hughes
>
> Yikes! don't do this.
>
> You've just created a world writable file that gets run as root every 10
> minutes.
>
> "rpm -e sysstat" will have the same effect but not introduce a security
> hole.
>
> dave
>