Re: Preparing Debian for using capabilities: file ownership.
Carl R. Witty wrote:
> There is at least one way in which root is less vulnerable than bin to
> cracking. If your machine has files exported via NFS with
> root_squash, then somebody who cracks root on a client machine can
> modify files owned by bin on your machine, but not files owned by
> root. There may be other similar security measures aimed at
> protecting root in particular.
Ah, you're right. Of course this is another example of the root-specific
security measures mentioned elsewhere on this thread (and a damn good
one too).
--
see shy jo
Reply to: