I received a reply from Dreamhost, so I thought I’d keep you all updated. I’ll keep my commentary to a minimum.
We were told that attempting an upgrade to MySQL corrupted our server, and it would cost $100 to re-image to factory default. They could give us SSH access to get our files first. After receiving the following email, we still have no SSH, sftp, or any other access to our sites or files :
– snip –
Good speaking with you. Here is a summary of our call:
We have fixed the broken package issue without a re-image, but in the
future, we would require a payment of $100.00 be made on the account to
support our re-imaging of the machine.
A sr. tech manager for these machines says that the packages on it were
broken due to your attempted upgrade of mysql. I understand you were
quite reasonably responding to a vulnerability which was published a
couple of days ago, namely this:
The preferred way to have approached this, due to the server being
’dreamhost-managed’ in the panel, would have been to let us know about
your concerns and give us a chance to respond to that.
Since you have notified us, I have created a ticket for the security team
to look at this and recommend an action. I’m also talking with a sys
admin here in charge of customer databases. I’ll let you know what I
find, the minute I hear.
The ssh issue is fixed now too, so you should be able to get in there and
grab your files, if needed. So, there are no plans to re-image the
machine. This are status quo now from our end.
– snip –