Re: coupe things RedHat does well and Debian should too
On May 05, Jason Gunthorpe <jgg@ualberta.ca> wrote:
>This is really dangerous because anyone who logs into the console can
>create a setgid auido/cd/whatever executable and always recover their
>privilages.
Really?
/dev/hda8 on /home type ext2 (rw,check=none,nosuid)
/dev/hda9 on /var type ext2 (rw,check=none,nosuid)
>This is also crazy. If you su to root the best thing to do is to set
>XAUTHORITY=/home/foo/.Xauthority. If you su to another user the sane thing
Can you explain with more details why pam_xauth is a vulnerability?
--
ciao,
Marco
Reply to: