Re: Centos 5.3 -> Apache - Under Attack ? Oh hell....

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, 2009-06-03 at 11:06 -0400, William L. Maltby wrote:
> <snip>

I just thought of this too.

There are two IDs tracked by the system. Effective (EUID) and the real
ID (UID). If the process has changed UID, by either suid bit or by
program call (I think it has to start as root for that to happen?), you
can run ps with a flag that will show you the real and/or EUID.

That might provide a clue as well.

HTH
-- 
Bill

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux