From: Fred B. <ba...@ae...> - 2002-07-24 18:51:03
|
Hi, Yesterday, I conducted a security audit on a number of our systems. In doing this, I discovered that a number of files in the webmin directories contained files that were group writable, including a number of cgi files, such as webmin/postgresql/edit_user.cgi. This appears to be true on those systems upgraded via rpm as well as by tarballs. Is it necessary for any of these files to be group writable? Could the permissions be tightened up? Fred Bacon Aerodyne Research, Inc. |