s. keeling wrote: > Isn't it generally accepted that black hats who get local access (ie., > a user login account) is _much_ worse than black hats who've been kept > out? Assuming black hat wants root, taking over a user's account is a > very big first step. > > I would take the security of your user's accounts much more seriously > if I were you. If your users are leaving the door open, sooner or > later someone much worse than the paper boy is going to come stumbling > in. <real-me>I'm just playing devil's advocate btw</real-me> There's a difference between allowing users to spy on other users who have bad habits and allowing users to modify important files, run a "real editor" as root in the hopes that they don't find out about M-! or :shell.
Attachment:
signature.asc
Description: OpenPGP digital signature