Re: suid root

To: Debian Users List <debian-user@lists.debian.org>
Subject: Re: suid root
From: Sven Burgener <svenb@bluewin.ch>
Date: Fri, 15 Sep 2000 23:06:11 +0200
Message-id: <[🔎] 20000915230611.B272@host.cablecom.ch>
Mail-followup-to: Debian Users List <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20000914221837.G24349@spoon.ai.mit.edu>; from jon@ai.mit.edu on Thu, Sep 14, 2000 at 10:18:37PM -0400
References: <[🔎] Pine.GSO.4.21.0009142159300.1439-100000@www.storm.ca> <[🔎] 20000914221837.G24349@spoon.ai.mit.edu>

On Thu, Sep 14, 2000 at 10:18:37PM -0400, Jonathan D. Proulx wrote:
> If this machine is in your home *and* your internet connection is via
> intermittent dial-up with dynamic IP adressing, I say no big deal.

> If you have persistant internet connection (via LAN, xDSL, Cable) your
> risk goes way up.

Quite true.

> In order for this "security hole" to be exploited someone needs to
> have shell access to your machine (by remote exploit or sniffing user
> passwords from telnet, pop, and othe rplain text methods).

Just how bad is it to fetch mails from a POP3 account right 
'through' the Internet?
(By that I mean having Inet connectivity at some (cable) provider 
and polling a mail account at some other provider, therefore passing
various routers / gateways along the way)

Regards
Sven
-- 
"We will run this with the same kind of openness we have run Windows,"
                 Steve Ballmer on their .net service

Reply to:

References:
- suid root
  - From: Michael Soulier <msoulier@storm.ca>
- Re: suid root
  - From: "Jonathan D. Proulx" <jon@ai.mit.edu>

Prev by Date: Re: Netscape http://wierdness on startup
Next by Date: sendmail and capitol letters
Previous by thread: Re: suid root
Next by thread: Re: suid root
Index(es):
- Date
- Thread