Hey gang, I need some help regarding permissions and owners for my eggdrop. Recently, a tech changed the permissions and owners for my eggdrop files and folders because they thought it is insecure and vulnerable. Are the older versions vulnerable to backdoors/trojans?
I would assume that means they do not want eggdrop running. As far as the meaning of chmod's octals, try googling "chmod octals" and the usual permissions would be u+rwx g-rwx o-rwx
They do allow ircd and eggdrops, just the tech felt that the eggdrop might've caused trojans/backdoors on the server. Those permissions are for every folder and file for eggdrop?
Most of the perms would be u+rwx, for executables and directories. Text files only need +r (and maybe +w if you want to be able to edit them). If they chmod -R the whole directory, it would be easiest to just chmod -R u+rwx /home/server/eggdrop rather than go through each and every dir setting the perms.
And no I've never heard of any backdoors in eggdrop, although of course there are insecure settings and there are probably very bad scripts that would open up vulnerabilities. There's a section in the forum faq's about script security, and there are some notes in the sample eggdrop config file about security. But, this is pretty much common-sense shell security stuff. If you're really paranoid, run the bot in a chroot jail.
I would however strongly suggest you upgrade from .15 to current (.18 ), a few nasty bugs were plugged since then. Also, this would probably be the easiest way of restoring all file permissions to their supposed values.
I must agree with rosc that there are no backdoors or trojans in eggdrop (of course assuming you download it from a trusted source). Of course, since it is a software that allows remote execution with some configurations, there is a possibility that a malicious person might try to use it in order to launch unauthorized code on your system.
However, none of the configurations required for remote execution is enabled in the dist config-file (both .set and .tcl are disabled, and would require owner or permowner privileges to be used). This said, there might be exploits or exploitable bugs in 3rd party scripts that could lead to remote execution, as eggdrop does support scripting...
In a security viewpoint, an eggdrop could possibly only compromize the account it runs under (and it will not run as root). I'd considder a webserver allowing users to post their own php's or cgi's to be atleast an equal security risk.
Are the older versions vulnerable to backdoors/trojans?
Those permissions are for every folder and file for eggdrop?