http://www.dragonflybsd.org/ is hacked??
Saifi Khan
saifi.khan at datasynergy.org
Mon Oct 19 04:58:17 PDT 2009
On Mon, 19 Oct 2009, Simon 'corecode' Schubert wrote:
> Saifi Khan wrote:
> > On Mon, 19 Oct 2009, lhmwzy wrote:
> >
> > > http://www.dragonflybsd.org/
> > >
> > > DragonFly BSD
>
> Thanks for the notice!
>
> > No i don't think so !
> >
> > if i understand correctly (iiuc) then it's a wiki and somebody
> > may have spammed the front page.
> >
> > In the IRC log, it appears that corecode|polachok observed this
> > and fixed the front page.
>
> It was a defacement through an exploit in ikiwiki, because the markup had not
> been changed. We're looking into it.
>
> cheers
> simon
>
Hi Simon:
In most cases the wiki software does not need to run as root.
You mention the possibility of an exploit, the stuff documented at
http://ikiwiki.info/security/ talks about a 'pending git backend audit'.
thanks
Saifi.
More information about the Users
mailing list