Date: Tue, 25 Jun 1996 12:21:25 +0200
From: Mark Murray <mark@grumble.grondar.za.@grondar.za>
To: -Vince- <vince@mercury.gaianet.net>
Cc: Bradley Dunn <dunn@harborcom.net>, security@FreeBSD.org, jbhunt <jbhunt@mercury.gaianet.net>, Chad Shackley <chad@mercury.gaianet.net>
Subject: Re: I need help on this one - please help me track this guy
Message-ID: <199606251021.MAA09453@grumble.grondar.za>

-Vince- wrote:
> > *Sigh*. This is turning into elementary sysadmin class. If you are
> > going to admin a system with over 1000 users, you need to learn to
> > think security issues through. If "." is in the path, the cracker can
> > put a trojan horse in some directory where he *can* write, and he
> > will name it something he hopes the unsuspecting admin will execute
> > while root.
>
> Well, the problem here is one of the admins knows the user and he
> was watching him just run the program himself, the root user had nothing
> to do with executing anything...

...in which case you were _really_ open. The user could do what he liked,
right? He didn't have to trick you, he just did it - with root privilege.
He just (ab)used your goodwill and naivete.

When you let users type commands on your system, you are supposed to
be alert :-)

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key
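
A check for the "." in the path problem raised in the quoted text, as an added example that is not part of the original message or thread. It goes beyond the single "." case to cover empty entries, other relative entries and world-writable directories; the function name audit_path and its output wording are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original message): audit a PATH string for
# entries that let an unprivileged user plant a trojan for root to run.
# Prints one line per finding; returns 1 if anything was flagged.
audit_path() {
    rest="$1:"        # trailing ':' keeps a final empty entry visible
    rc=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            "")
                # An empty entry is searched as the current directory.
                echo "empty entry (same as '.')"
                rc=1 ;;
            /*)
                # -H follows a symlinked entry such as /bin -> usr/bin;
                # -prune stops find from descending into the directory.
                if [ -d "$entry" ] &&
                   [ -n "$(find -H "$entry" -prune -perm -0002 2>/dev/null)" ]; then
                    echo "world-writable: $entry"
                    rc=1
                fi ;;
            *)
                # ".", "bin", "../tools": resolved against the current directory.
                echo "relative: $entry"
                rc=1 ;;
        esac
    done
    return $rc
}

# Check the PATH of the current shell (run it from a root shell to audit root).
audit_path "$PATH" || echo "PATH has unsafe entries" >&2
```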
