[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Permission policy



Previously Ruud de Rooij wrote:
> (of course, this attack can be prevented using mount options to
> disable setgid executables on all filesystems where users have write
> access)

In which case they just keep a filehandle open and use that later on.
You could also simply start a screen session while you still have the
group and attach to that later.

Wichert.

-- 
   ________________________________________________________________
 / Generally uninteresting signature - ignore at your convenience  \
| wichert@liacs.nl                    http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Attachment: pgpClQhRyVx8U.pgp
Description: PGP signature


Reply to: