
Re: su - user question



also sprach Adam Warner <lists@consulting.net.nz> [2002.01.19.2304 +0100]:
> The question I have is if I "su - username" and then browse the web,
> etc. is it impossible for a remote user who managed to gain access to
> that user session to become root by exiting out of the user account?

an addition: your setup and question sound really flaky to me, and
even though i can't really think of ways to break in, that *does not*
say that there aren't any. fact is, when i imagine your situation, i get
a very weird feeling in my intestines, and as a security person, the
only sensible advice i can actually give you is to say: no, don't do it.
first, it's a server, servers are *not* workstations, and you only surf
the web on a workstation. second, having a persistent root console open
sounds horrible. third, to say that physical security is ensured is
foolish. fourth, it really just sounds bad. fifth, did i say it sounds
bad?

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
  
core error - bus dumped
