root on ports

Fabio Fracassi f.fracassi at gmx.net
Thu Feb 15 15:58:40 PST 2001


On Thursday 15 February 2001 23:25, you wrote:
> On Thursday 15 February 2001 16:06, Fabio Fracassi wrote:
> > but anyone with read access to the profile can still take the encrypted
> > password to get root access! Or not?
>
> That is correct. If you keep the profile with the password, but put "rm -rf
> /" instead of everything else, you just killed the whole system.
>
> Maybe the password would need to be asked by the frontend to the user
> before starting, and then kept somewhere safe? Of course, if the building
> is killed, fails, is terminated, or simply ends, there should be no way of
> finding that password.

jep, exactly what I thougth, for remote login there is the ssh-agent, which 
does exactly that, dunno if it works with local access, to.

Fabio





More information about the alfs-discuss mailing list