:: Re: [DNG] Beware
Inizio della pagina
Delete this message
Reply to this message
Autore: Rainer Weikusat
Data:  
To: dng
Oggetto: Re: [DNG] Beware
karl@??? writes:
> Arnt Gulbrandsen:
>> By now, the concept of unprivileged local users is a little obsolete
>> anyway.
>
> Yes, unless you let your kids or some guests use your computer.


How many of your "kids and guests" even know what a kernel is, let alone
how to exploit a bug in one?

>> Today, hosts generally serve only one unix user, there
>> generally is only one local user of one host, and that local user is
>> the user that owns everything valuable. So is the a real point to
>> local-user-to-root exploits? I suppose there is, but it is much smaller
>> than it was ten or twenty years ago.
>
> The problem is not the local user == the owner, instead it is an
> unknown breaking in as a local user and then gaining root powers.


That's not going to be terribly difficult on a system I use as accounts
I'm using usually can get root via sudo without entering a password.