From owner-freebsd-security Mon Jun 14 12:41:48 1999 Delivered-To: freebsd-security@freebsd.org Received: from osgroup.com (unknown [38.229.41.6]) by hub.freebsd.org (Postfix) with ESMTP id 06D60155FF; Mon, 14 Jun 1999 12:41:41 -0700 (PDT) (envelope-from stan@osgroup.com) Received: from stan166 ([38.229.41.237]) by osgroup.com (8.7.6/8.6.12) with SMTP id OAA11453; Mon, 14 Jun 1999 14:30:28 -0500 Received: by localhost with Microsoft MAPI; Mon, 14 Jun 1999 14:43:13 -0500 Message-ID: <01BEB674.3B233FE0.stan@osgroup.com> From: Constantine Shkolnyy Reply-To: "stan@osgroup.com" To: "freebsd-questions@FreeBSD.ORG" , "freebsd-security@FreeBSD.ORG" Subject: RE: reading files. Date: Mon, 14 Jun 1999 14:43:12 -0500 Organization: Ashley Laurent, Inc. X-Mailer: Microsoft Internet E-mail/MAPI - 8.0.0.4211 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I think something like PGP is the only way. The way I remember > administrator priviledges with NT is that you can't keep me from > accessing a file. I just have to take ownership of the user's > directories and then change the ownership of the file I want to look at. > When I get through, I would have to change the ownership of everything I > changed back to the user. I also think this would leave many tracks > behind, which isn't a quiet way like su'ing to the user from root. My recollection is that after you took ownership in NT, you _can't_ change it back. You will have to explain the user why you needed to do that. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message