Re: Root SSH permitted by default (was: how does root run a graphical prog)
On Tue, May 21, 2002 at 07:44:10PM +0100, Colin Watson wrote:
> Do you check for processes running under your uid every time you run su?
There's (obviously) something I'm still missing here... Why is that
relevant? su only raises the priviliges of a single session, as can
be readily observed by opeining two xterms, running su in one, and
trying to 'touch /bin/su' in the other.
The only thing that I can think of is for someone to update your
.bashrc (or whatever) with a line saying "alias su='/bin/su ;
/tmp/do-something-evil'" (or directing su to an equivalent script),
but even that would still be running do-something-evil outside of the
su session and, therefore, as your normal account, not as root.
--
When we reduce our own liberties to stop terrorism, the terrorists
have already won. - reverius
Innocence is no protection when governments go bad. - Tom Swiss
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: