[2147] in linux-security and linux-alert archive
[linux-security] Re: Redhat Linux 6.0 Problem
daemon@ATHENA.MIT.EDU (jlewis@lewis.org)
Sat May 8 02:41:40 1999
From: jlewis@lewis.org
Date: Fri, 7 May 1999 12:01:50 -0400 (EDT)
To: Gregory A Lundberg <lundberg@vr.net>
cc: Lisa L Berdeja <lberdeja@2xtreme.net>, wu-ftpd@wugate.wustl.edu,
bugs@redhat.com, linux-security@redhat.com
In-Reply-To: <Pine.LNX.4.04.9905071137130.14885-100000@redhat1.mmaero.com>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
On Fri, 7 May 1999 jlewis@lewis.org wrote:
> # ldd ./ls
> /lib/libNoVersion.so.1 => /lib/libNoVersion.so.1 (0x40014000)
> libc.so.6 => /lib/libc.so.6 (0x4001c000)
> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
>
> I've never heard of libNoVersion. All the /home/ftp/bin stuff in 6.0 uses
> it...but it doesn't exist. Perhaps that's got something to do with
> it...but its odd that the programs work when I chroot there and run them.
>
> > Oh, and are you using symlinks? If so, there's your problem. Symlinks
>
> No symlinks except for zcat -> gzip. This is a standard Red Hat
> installation. It looks like they just screwed up the wu-ftpd package and
> will probably issue an update sometime soon. For me, this isn't a huge
> issue. I'm not using RH 6.0 on production servers yet. I like to wait a
> few weeks after new releases and see how much stuff they broke and then
> either wait for the updates or use the source.
I just noticed another really wierd thing. For some reason the anonftp
package on Red Hat (at least 5.2 and 6.0) that includes the libs and bins
needed for wu-ftpd to work for anonymous FTP includes what seems to be a
copy of /bin/ash as /home/ftp/bin/sh. Why the heck would they include a
bourne shell in the anon bin directory?
----don't waste your cpu, crack rc5...www.distributed.net team enzo---
Jon Lewis *jlewis@lewis.org*| Spammers will be winnuked or
System Administrator | nestea'd...whatever it takes
Atlantic Net | to get the job done.
_________http://www.lewis.org/~jlewis/pgp for PGP public key__________
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
