Persmissions changing on root directories?
Hello,
This past week I have had an issue with permissions changing on the root directories. Permissions don't change beneath the directories. The strange thing is even the root dot directories change. I don't know if this is a securiyt issue or not. I have a Cisco firewall in place, blocking EVERYTHING but ssh, http and https, dns and sendmail. This seemed to start happening after I installed WINE and played with some of the configuration settings. Every so often my root directory winds up looking like this:
drwxrwxrwx 20 root root 456 Jun 12 19:19 ./
drwxrwxrwx 20 root root 456 Jun 12 19:19 ../
drwxrwxrwx 2 root bin 2416 Apr 10 00:54 bin/
drwxrwxrwx 3 root root 336 Apr 16 11:11 boot/
drwxrwxrwx 15 root root 63096 Jun 10 13:30 dev/
drwxrwxrwx 56 root root 5760 Jun 14 10:30 etc/
drwxrwxrwx 17 root root 400 May 12 08:20 home/
drwxrwxrwx 4 root root 2656 Apr 13 15:40 lib/
drwxrwxrwx 6 root root 144 Jun 8 14:52 mnt/
drwxrwxrwx 4 root root 96 Sep 14 2003 opt/
drwxrwxrwx 99 root root 0 Jun 10 06:29 proc/
drwxrwxrwx 24 root root 1216 Jun 10 13:28 root/
drwxrwxrwx 2 root bin 5704 Sep 1 2003 sbin/
drwxrwxrwx 17 root root 2080 Jun 14 10:28 tmp/
drwxrwxrwx 19 root root 568 Dec 7 2003 usr/
drwxrwxrwx 19 root root 528 Apr 20 15:12 var/
The way I found out was sendmail died and when I tried restarting it gave me an error that /etc/mail and /var/spool/mail were world writeable. They weren't but the parent directories /etc and /var were. I changed everything back and sendmail starting working again. However, it's happened a total of 3 time since it started last week.
Is there something common that can cause this or is it sounding like a security breach?
|