Re: risks of using net apps as a user in wheel or adm?
On Fri, 2 Nov 2007 13:19:58 -0400
"Douglas A. Tutty" <dtutty@porchlight.ca> wrote:
> This is a more general question to an issue that came up in another
> thread.
>
> Not to single out Iceweasel but, for example, IIUC, javascript and
> flashplayer end up running someone else's code on your computer as you.
>
> What are the security implications of this? What could a malicious
> flash or piece of javascript really do you files in your home directory?
>
> What are the security implications of this if you are also a member of
> group wheel, adm, or staff?
I would add that many users, especially on single user machines,
probably have something like:
username ALL = NOPASSWD: ALL
in /etc/sudoers
> Doug.
Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: