I dont understand..
If i just make it an alias people could just change the alias..
whats this rootkits thing?
/Steve
----- Original Message -----
From: "David Blomberg" <dblomber@libertec.com>
To: <security-discuss@linuxsecurity.com>
Sent: Tuesday, November 19, 2002 5:32 PM
Subject: Re: Making ps secure
> Same thing makers of rootkits do change the way the apps operate (just
> program in some sanity check prior to execution) alternatively make
> aliases to the commands so that ps -auxf behaves like ps
>
> On Tue, 2002-11-19 at 15:17, Steven Adams wrote:
> > Hi,
> > I am running slackware linux and i notice that on freebsd and some
other
> > distros when u type ps auxf it only outputs the processes your running
and
> > not anyone else..
> >
> > I was wondering how they made it do this..
> >
> > Ive also noticed that in a users home dir .bash_history is owned by the
> > user.. But if the user trys to remove it or chmod it to a diferent
setting
> > it says operation not permitted.
> >
> > Ive also seen this before
> > When someone trys a normal ping.
> >
> > ping: socket: Operation not permitted
> >
> > How are theses things done and is there a site thats tells u in detail
on
> > how to make your system secure
> >
> > /Steve
> >
> > ------------------------------------------------------------------------
> > To unsubscribe email security-discuss-request@linuxsecurity.com
> > with "unsubscribe" in the subject of the message.
> --
> David Blomberg <dblomber@libertec.com>
> Nihon Libertec
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
>
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
