Re: DSA-134-1
Hi,
Mark Janssen wrote:
>
> On Tue, 2002-06-25 at 18:11, Phillip Hofmeister wrote:
> > *TECHNICALLY* every login is root. Getty runs as root and then gives up root
> > to the authenticated user once PAM gives the okay...Does this mean the user
> > can break back into root? If the exit their shell (Ctrl + D, or pick your choice
> > of logout method...) then Getty immediately respawns....
>
> No... getty exec's a shell (or a login actually) and when this exits
> the inetd restarts the getty. :)
inetd?
you mean init ;)
btw the respawn is only done, if you have the word "respawn" in
/etc/inittab before ":/sbin/getty".
but getty has not to run with _all_ root-privileges, it just has to run
as user root with some root-privileges.
for more info about this, have a look at http://www.lids.org
bye
Ralf
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: