rename root

Simon Geard delgarde at ihug.co.nz
Wed Oct 17 03:09:52 PDT 2001


On Thursday 18 October 2001 00:36, Fabio Fracassi wrote:
> It is possible, but from a security Viewpoint not very advisable.
> Another acount is another possible hole, and a hole with root privileges is
> a severe danger.
>
> BTW, what good should it do?
> If you need privileges for other users use groups/su or sudo.

Making sure to use your brain when configuring sudo. As I've mentioned a 
while back, the configuration used at my workplace has a number of 
interesting holes.

For example the following commands can be run as root:
    vi /path/to/whatever/file
    sh start.sh *

The former fails to account for the fact that once vi is running as root, you 
can then open any other file on the system, or run a shell. The latter does 
not specify a path for the script to be run, so that any script called 
start.sh can be run.

There are several other variations on this theme.

Simon.
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message



More information about the blfs-support mailing list