My site was broken into a few months ago using one of the VGA utilities in
/usr/bin that was setuid-root. It has a hole which allows any file
(/etc/passwd in my case) to be overwritten. I have since then removed the
setuid bit from it and other programs.
I would recommend against having these VGA utilities setuid-root. In fact,
I set mine to be runnable by no one EXCEPT root. Someone could break in
from offsite and tweak your VGA settings, preventing you from seeing what's
being done! Has anyone else had experience with this hole?
Josh
--
______ printf("\x1B[1;35m\x1F\x1B[0m"); "Look to the/\
JoSH Lehan / future!"--/{}\
\/ ^^^ Try Linux instead. /______\
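Added example (not part of the post): a POSIX shell audit that lists setuid-root binaries under a directory, followed by the remediation described above, dropping the setuid bit and leaving the file runnable by root only. The optional owner-uid argument and the scratch-directory demo are my own assumptions so the script can be exercised without root.

```shell
#!/bin/sh
# Added example, not from the original post. Audits a directory for setuid
# binaries owned by root and hardens a chosen one the way the poster did:
# clear the setuid bit and set mode 0700 so only the owner (root on a real
# system) can run it at all.

# List regular files under $1 that carry the setuid bit and are owned by
# uid $2 (defaults to 0, i.e. root). The uid argument is an assumption added
# so the function can be tested in a scratch directory as a normal user.
list_setuid_root() {
    find "$1" -type f -user "${2:-0}" -perm -4000 2>/dev/null | sort
}

# Report whether $1 still has the setuid bit: prints "setuid" or "clean".
setuid_state() {
    if [ -u "$1" ]; then
        echo setuid
    else
        echo clean
    fi
}

# Remediation from the post: drop setuid, then make the file owner-only.
# After this, a non-root user (local or remote) cannot execute it at all.
harden_binary() {
    chmod u-s "$1" && chmod 0700 "$1"
}

# Demo on a constructed scratch directory; nothing on the real system is
# modified. A fake "vgaset" is created setuid (4755) next to a normal tool.
demo_scratch_dir() {
    dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\n' > "$dir/vgaset" && chmod 4755 "$dir/vgaset"
    printf '#!/bin/sh\n' > "$dir/normal" && chmod 0755 "$dir/normal"
    echo "before: $(list_setuid_root "$dir" "$(id -u)")"
    harden_binary "$dir/vgaset"
    echo "after:  $(setuid_state "$dir/vgaset")"
    rm -rf "$dir"
}

# Read-only audit of the real /usr/bin when it exists (prints, changes nothing).
if [ -d /usr/bin ]; then
    list_setuid_root /usr/bin
fi
```

Run the audit first and review each hit; removing setuid from a tool that legitimately needs it (e.g. passwd) will break it for ordinary users.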