Date: Fri, 12 May 2000 10:00:11 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Paul Hart <hart@iserver.com> Cc: Adam Laurie <adam@algroup.co.uk>, freebsd-security@FreeBSD.ORG Subject: Re: envy.vuurwerk.nl daily run output Message-ID: <4226.958118411@critter.freebsd.dk> In-Reply-To: Your message of "Thu, 11 May 2000 10:03:38 MDT." <Pine.BSF.4.21.0005110953510.8386-100000@anchovy.orem.iserver.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.21.0005110953510.8386-100000@anchovy.orem.iserver.com>, Paul Hart writes: >On Thu, 11 May 2000, Adam Laurie wrote: > >> If someone backdoors your system with an authorized key, and is >> confident they can gain root from a luser account, they don't need to >> go any further, and it's extremely likely that the change will go >> unnoticed *forever* > >But if you have hostile local users with root access, can you even trust >the output from /etc/security? Yes, if you put them in a jail(8). -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4226.958118411>