On Mon, 1 Aug 2011 12:39:44 +0100 Tom Evans <tevans.uk@xxxxxxxxxxxxxx> wrote: > On Mon, Aug 1, 2011 at 12:27 PM, vishesh kumar <linuxtovishesh@xxxxxxxxx> wrote: > > Hi Members > > > > I am getting ?????? ??????? ????.doc and ?????? ??????? ????.xls files in > > /tmp parition. The owner of all these files are www . I am running apache on > > centos . Does it indicate any security breach ? > > > > Vishesh Kumar Are those questionmarks just how something gets rendered in email? > Not necessarily. Do you run any apps on the server by www, including > PHP? Do they write out temporary files in /tmp before serving them? "Not necessarily" is a long way from a clear No! If there's an application that legitimately creates files in /tmp, the sysop should know about it! > I can't think what sort of security breach would be achieved by > placing a few www owned files in /tmp. A file that might hope to be executed, or fed into something? Uploading is likely just an early stage of a breakin. -- Nick Kew Available for work, contract or permanent. http://www.webthing.com/~nick/cv.html --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|