Date: Wed, 2 Apr 2003 18:01:54 -0500 From: Bob Bomar <bulldog@fxp.org> To: Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr> Cc: chat@freebsd.org Subject: Re: Offtopic Message-ID: <20030402230154.GA23852@peitho.fxp.org> In-Reply-To: <Pine.LNX.4.44.0303181314590.32236-100000@ns.isi.ulatina.ac.cr> References: <Pine.LNX.4.44.0303181314590.32236-100000@ns.isi.ulatina.ac.cr>
next in thread | previous in thread | raw e-mail | index | archive | help
--CE+1k2dSO48ffgeK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 18, 2003 at 01:20:27PM -0600, Fabio Miranda Hamburger wrote: > Hi, I have a couple of question: >=20 > 1. A technique for an intruder to keep a root account was creating a stuid > root shell, that is not possible on FreeBSD nowadays, Why is not possible? > How a program like sudo can do that? Foe example, If i am a sudo 'full > admin' I can do this without passwd: > %sudo su > # sudo executes the command as root, and since the systems sees su being executed as root, you wont need that password. --=20 /----------------------------------------------------------------\ | Bob Bomar bulldog@fxp.org http://www.bomar.us/~bob | |=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D| | FreeBSD: The Power to Serve. http://www.freeBSD.org | \----------------------------------------------------------------/ --CE+1k2dSO48ffgeK Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (FreeBSD) iD8DBQE+i2vi9Jm/aTrtdKoRAldTAJ4xKqEwFNzqZwmhIVa+YJwM0SBNcACfX7jR BPJxdwJlbNdujbw1ZC+0nWQ= =PEzc -----END PGP SIGNATURE----- --CE+1k2dSO48ffgeK--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030402230154.GA23852>