On Fri, 2007-02-02 at 09:27 +0000, Alan wrote: > Also check any scripts before restoring. You may find a user or > root .login/.profile or similar in the /home area people habitually > restore without checking contains hooks to reinstall any trojans. If > you are paranoid remove the execute bits from everything you restore > too. It should probably go without saying, that things like /home, /var, and /tmp are best mounted in a noexec mode, as well. It makes it harder for something to get its foot in the door. -- (Currently testing FC5, but still running FC4, if that's important.) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
