著者: Rainer Weikusat 日付: To: dng 題目: Re: [DNG] Beware
karl@??? writes: > Arnt Gulbrandsen:
>> By now, the concept of unprivileged local users is a little obsolete
>> anyway.
>
> Yes, unless you let your kids or some guests use your computer.
How many of your "kids and guests" even know what a kernel is, let alone
how to exploit a bug in one?
>> Today, hosts generally serve only one unix user, there
>> generally is only one local user of one host, and that local user is
>> the user that owns everything valuable. So is the a real point to
>> local-user-to-root exploits? I suppose there is, but it is much smaller
>> than it was ten or twenty years ago.
>
> The problem is not the local user == the owner, instead it is an
> unknown breaking in as a local user and then gaining root powers.
That's not going to be terribly difficult on a system I use as accounts
I'm using usually can get root via sudo without entering a password.