Re: building 2.6.35

To: debian-user@lists.debian.org
Subject: Re: building 2.6.35
From: Andrei Popescu <andreimpopescu@gmail.com>
Date: Sun, 15 Aug 2010 10:13:31 +0300
Message-id: <[🔎] 20100815071331.GG22314@think.homelan>
In-reply-to: <[🔎] AANLkTikqRfH+fg3zvS3qYNPmFieSKPzEs0j-Sw_T=qkb@mail.gmail.com>
References: <[🔎] 20100811213312.GD14317@dementia.proulx.com> <[🔎] 399638650.38733.1281620510281.JavaMail.root@md01.wow.synacor.com> <[🔎] AANLkTikqRfH+fg3zvS3qYNPmFieSKPzEs0j-Sw_T=qkb@mail.gmail.com>

On Jo, 12 aug 10, 11:10:16, Arthur Machlas wrote:
> 
> Isn't there a risk in granting user access to src, adm, and such if
> ever your user account is compromised? My uninformed opinion is that
> it's a question of relative risk; the 'risk' involved in building
> kernels as root, versus the risk involved in giving access to these
> dirs and tools should your account become compromised.

If that user account is used to gain root privileges then it doesn't 
really matter, it's not very difficult to trick the user to give out the 
root password (something like a fake 'su' or 'sudo' prompt).

Regards,
Andrei
-- 
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Re: building 2.6.35
  - From: Bob Proulx <bob@proulx.com>
- Re: building 2.6.35
  - From: Stephen Powell <zlinuxman@wowway.com>
- Re: building 2.6.35
  - From: Arthur Machlas <arthur.machlas@gmail.com>

Prev by Date: wicd refuses to start
Next by Date: Re: Why is troubleshooting Linux so hard?
Previous by thread: Re: building 2.6.35
Next by thread: Re: building 2.6.35
Index(es):
- Date
- Thread