Compass Security Blog

Offensive Defense

Page 2 of 2

Dangerous Sudoers Entries – PART 1: Command Execution

October 1, 2012 / / 0 Comments

The following article describes common security issues regarding misconfigured sudoers’ files. The article focuses on a single entry which contains several security issues: hacker10 ALL= (root) /bin/less /var/log/* The article is split into the following five chapters: PART 1: Command Execution PART 2: Insecure Functionality PART 3: Permissions PART 4: Wildcards PART 5: Recapitulation In this […]

Continue reading

JBoss 7.1 Web Server Hardening

February 23, 2012 / / 0 Comments

JBoss is a popular open-source Java application server which underwent a major rewrite of its code-base for its latest version 7.x. Of this new branch, only version 7.1.0.Final, released a week ago, is certified for the Java EE 6 Full Profile. As part of the code rewrite, the configuration settings also got a global overhaul. […]

Continue reading

Newer posts »

© 2026 Compass Security Blog

Up ↑