http://www.dragonflybsd.org/ is hacked??

Saifi Khan saifi.khan at datasynergy.org
Mon Oct 19 04:58:17 PDT 2009


On Mon, 19 Oct 2009, Simon 'corecode' Schubert wrote:

> Saifi Khan wrote:
> > On Mon, 19 Oct 2009, lhmwzy wrote:
> > 
> > > http://www.dragonflybsd.org/
> > > 
> > > DragonFly BSD
> 
> Thanks for the notice!
> 
> > No i don't think so !
> > 
> > if i understand correctly (iiuc) then it's a wiki and somebody
> > may have spammed the front page.
> > 
> > In the IRC log, it appears that corecode|polachok observed this
> > and fixed the front page.
> 
> It was a defacement through an exploit in ikiwiki, because the markup had not
> been changed.  We're looking into it.
> 
> cheers
>   simon
> 

Hi Simon:

In most cases the wiki software does not need to run as root.

You mention the possibility of an exploit, the stuff documented at 
http://ikiwiki.info/security/ talks about a 'pending git backend audit'.


thanks
Saifi.






More information about the Users mailing list