Date: Wed, 2 Apr 2003 18:01:54 -0500 From: Bob Bomar <bulldog@fxp.org> To: Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr> Cc: chat@freebsd.org Subject: Re: Offtopic Message-ID: <20030402230154.GA23852@peitho.fxp.org> In-Reply-To: <Pine.LNX.4.44.0303181314590.32236-100000@ns.isi.ulatina.ac.cr>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Tue, Mar 18, 2003 at 01:20:27PM -0600, Fabio Miranda Hamburger wrote: > Hi, I have a couple of question: > > 1. A technique for an intruder to keep a root account was creating a stuid > root shell, that is not possible on FreeBSD nowadays, Why is not possible? > How a program like sudo can do that? Foe example, If i am a sudo 'full > admin' I can do this without passwd: > %sudo su > # sudo executes the command as root, and since the systems sees su being executed as root, you wont need that password. -- /----------------------------------------------------------------\ | Bob Bomar bulldog@fxp.org http://www.bomar.us/~bob | |================================================================| | FreeBSD: The Power to Serve. http://www.freeBSD.org | \----------------------------------------------------------------/ [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (FreeBSD) iD8DBQE+i2vi9Jm/aTrtdKoRAldTAJ4xKqEwFNzqZwmhIVa+YJwM0SBNcACfX7jR BPJxdwJlbNdujbw1ZC+0nWQ= =PEzc -----END PGP SIGNATURE-----home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030402230154.GA23852>