Re: Reporting missing package during install

To: debian-user@lists.debian.org
Subject: Re: Reporting missing package during install
From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
Date: Mon, 09 Dec 2013 18:34:34 +0100
Message-id: <[🔎] 1386610474.14806.166.camel@archlinux>
In-reply-to: <[🔎] 21157.64035.378332.381679@mail.eng.it>
References: <[🔎] CAO7q0mn82WxbO_1fL3o1P_X5qz8brA2kZruVb6JG8Nz6LYAZnA@mail.gmail.com> <[🔎] 20131207200143.GJ3239@sid.nuvreauspam> <[🔎] 20131207213630.GB6685@hysteria.proulx.com> <[🔎] 201312090001.50206.lisi.reisz@gmail.com> <[🔎] 21157.31399.63135.88312@mail.eng.it> <[🔎] 20131209094043.GQ3239@sid.nuvreauspam> <[🔎] 21157.37830.879558.114857@mail.eng.it> <[🔎] 20131209164451.GR3239@sid.nuvreauspam> <[🔎] 21157.64035.378332.381679@mail.eng.it>

On Mon, 2013-12-09 at 18:13 +0100, Gian Uberto Lauri wrote:
> Think about this scenario: someone devises a clever way to slip a
> Trojan in a user account.

Than the trojan has got user privileges only. If it's a key logger it
can read what password you type for sudo, but also what you type for su.

User 1000 who has got cow powers when using sudo, does not have the cow
powers without running sudo.

It doesn't matter if you set-up and use sudo, su or sudo and su.
Security is a combination of actions to be taken.

I know they hack servers, but was the Linux home PC of anybody on this
list ever hacked?

Reply to:

Follow-Ups:
- Re: Reporting missing package during install
  - From: "Gian Uberto Lauri" <saint@eng.it>

References:
- Reporting missing package during install
  - From: Troy Engel <troyengel@gmail.com>
- Re: Reporting missing package during install
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Reporting missing package during install
  - From: Bob Proulx <bob@proulx.com>
- Re: Reporting missing package during install
  - From: Lisi Reisz <lisi.reisz@gmail.com>
- Re: Reporting missing package during install
  - From: "Gian Uberto Lauri" <saint@eng.it>
- Re: Reporting missing package during install
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Reporting missing package during install
  - From: "Gian Uberto Lauri" <saint@eng.it>
- Re: Reporting missing package during install
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Reporting missing package during install
  - From: "Gian Uberto Lauri" <saint@eng.it>

Prev by Date: Re: Reporting missing package during install
Next by Date: Re: Re: Shutdown computer after a specific command has been executed
Previous by thread: Re: Reporting missing package during install
Next by thread: Re: Reporting missing package during install
Index(es):
- Date
- Thread