The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Alert

Discussion in 'Security' started by devellion, Apr 3, 2006.

  1. devellion

    devellion Active Member

    Joined:
    Feb 9, 2005
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    I received this email this morning:

    Subject: *** SECURITY information for xxx.xxx.com ***

    xxx.xxx.com : Apr 3 02:25:09 : user : can't stat /etc/sudoers: No such file or directory ; TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/bin/su -

    Is this something I should worry about? Looks like some one is trying to get Super User access to my server.
     
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    The file /etc/sudoers determines who can use the 'sudo' command and what privileges they have when doing so.

    My thinking would be that the error "can't stat /etc/sudoers: No such file or directory" indicates that /etc/sudoers doesn't exist. Is this file present?

    I wouldn't worry too much as the default /etc/sudoers config should only allow access to root - if root has been compromised, there's no point in worrying about whether root can sudo!
     
  3. xidica

    xidica Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Texas
    what he said
     
  4. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    I can't agree more!
     
  5. devellion

    devellion Active Member

    Joined:
    Feb 9, 2005
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    LOL, ok thanks guys.
     
  6. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    It would still be worth checking if /etc/sudoers exists and populating it with default values just in case.

    Is this file present?
     
Loading...

Share This Page