:: Re: [DNG] Beware
Startseite
Nachricht löschen
Nachricht beantworten
Autor: Arnt Karlsen
Datum:  
To: dng
Betreff: Re: [DNG] Beware
On Tue, 19 Jan 2016 20:46:00 +0000, Rainer wrote in message
<87d1sxguwn.fsf@???>:

> karl@??? writes:
> > Arnt Gulbrandsen:
> >> By now, the concept of unprivileged local users is a little
> >> obsolete anyway.
> >
> > Yes, unless you let your kids or some guests use your computer.
>
> How many of your "kids and guests" even know what a kernel is, let
> alone how to exploit a bug in one?


..systemd? ;oD

> >> Today, hosts generally serve only one unix user, there
> >> generally is only one local user of one host, and that local user
> >> is the user that owns everything valuable. So is the a real point
> >> to local-user-to-root exploits? I suppose there is, but it is much
> >> smaller than it was ten or twenty years ago.
> >
> > The problem is not the local user == the owner, instead it is an
> > unknown breaking in as a local user and then gaining root powers.
>
> That's not going to be terribly difficult on a system I use as
> accounts I'm using usually can get root via sudo without entering a
> password.


..why did Debian kill ssh into localhost?
Is su or sudo safer than ssh nowadays?

--
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.