On Sat, Mar 29, 2003 at 01:36:50PM -0500, sean finney wrote: > On Sat, Mar 29, 2003 at 01:08:51PM -0500, Roberto Sanchez wrote: > > Both of my machines are for my personal use (1 desktop and 1 laptop). Your > > mention of a root exploit makes me worry though, since my desktop is > > connected to the internet 24/7 by a DSL modem. > > don't worry if you haven't given anyone an account on your machine. > it's a local exploit only, meaning they have to have login access > before it can be exploited. That's of course true, but if someone can get a local shell by exploiting a network daemon, then they can immediately get root. remote non-user exploit + local root exploit = remote root exploit So fixing local root exploits is rather important :) -- Rob Weir <rweir@ertius.org> http://www.ertius.org/ Encrypt your mail: 1024D/1E73B7CD, 4096R/3ABDE5EC | Do I look like I want a CC? Words of the day: BLU-97 A/B embassy defense information warfare warfare
Attachment:
pgpHi087SqkiR.pgp
Description: PGP signature