Date: Tue, 21 Oct 2003 13:08:26 -0700 From: Avleen Vig <lists-freebsd@silverwraith.com> To: Kris Kennaway <kris@obsecurity.org> Cc: Kip Macy <kmacy@fsmware.com> Subject: Re: process checkpoint restore facility now in DragonFly BSD Message-ID: <20031021200826.GS792@silverwraith.com> In-Reply-To: <20031021163038.GA66101@rot13.obsecurity.org> References: <20031020134532.B63978@demos.bsdclusters.com> <20031021163038.GA66101@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 21, 2003 at 09:30:38AM -0700, Kris Kennaway wrote: > > Please note that there are *SEVERE* security issues with this module. > > The module is not loaded into the kernel by default and, when loaded, > > can only be used by users in the wheel group. > > Why the wheel group? Until now, the only special privilege this group > has is that users are allowed to su to root, if they knew the > password. It looks like now you've removed the root password barrier > and allow anyone in the wheel group to manipulate processes to obtain > root without a password :-) If you don't want them getting root, don't put them in wheel? ;-) <ducks> -- Avleen Vig Systems Administrator Personal: www.silverwraith.com EFnet: irc.mindspring.com (Earthlink user access only)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031021200826.GS792>