[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: DSA-134-1

Hi,

Mark Janssen wrote:
> 
> On Tue, 2002-06-25 at 18:11, Phillip Hofmeister wrote:
> > *TECHNICALLY* every login is root.  Getty runs as root and then gives up root
> > to the authenticated user once PAM gives the okay...Does this mean the user
> > can break back into root?  If the exit their shell (Ctrl + D, or pick your choice
> > of logout method...) then Getty immediately respawns....
> 
> No... getty exec's a shell (or a login actually) and when this exits
> the inetd restarts the getty. :)

inetd?
you mean init ;)

btw the respawn is only done, if you have the word "respawn" in
/etc/inittab before ":/sbin/getty".

but getty has not to run with _all_ root-privileges, it just has to run
as user root with some root-privileges.
for more info about this, have a look at http://www.lids.org

bye
Ralf


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: