root on ports
f.fracassi at gmx.net
Thu Feb 15 15:58:40 PST 2001
On Thursday 15 February 2001 23:25, you wrote:
> On Thursday 15 February 2001 16:06, Fabio Fracassi wrote:
> > but anyone with read access to the profile can still take the encrypted
> > password to get root access! Or not?
> That is correct. If you keep the profile with the password, but put "rm -rf
> /" instead of everything else, you just killed the whole system.
> Maybe the password would need to be asked by the frontend to the user
> before starting, and then kept somewhere safe? Of course, if the building
> is killed, fails, is terminated, or simply ends, there should be no way of
> finding that password.
jep, exactly what I thougth, for remote login there is the ssh-agent, which
does exactly that, dunno if it works with local access, to.
More information about the alfs-discuss