On Tue, 12 Mar 2002, Erik Curiel wrote:
> Get off your fucking high-horse. You're not the last word in how
> everyone must administer their boxes. There are different approaches,
> with good arguments on many sides.
You really are a peice of work.
Here. I'll quote from the "Essential System Administration":
"Because of the potential for much more damage, the
current directory should not even appear in root's
search path, nor should any relative pathname. In
addition, none of the diretories in root's search path,
nor any of their higher-level components, should be
writable by anyone else but root; if one is, then
someone could again substitute something else for a
standard command, which would unintentially be run
as root."
The most recent edition I have is the 2nd; it's page 226
in this one. It is preceded by several examples how one
could get root access this way and is followed by several
vulnerabilities concerning permissions on .login files and
scripts placed in those.
This is basic, basic, basic stuff. Like, "first day you
have root access" stuff.
> It's hard to take someone seriously who has such an obviously closed
> mind.
You have this total "touchy-feely-there-is-no-such-thing-
as-an-absolute" defense for just about everything, don't
you?
_____________________________________________b r a n d o n h a r r i s___
[EMAIL PROTECTED] www.gaijin.com
_______________________________________________
Bits mailing list
[EMAIL PROTECTED]
http://www.sugoi.org/mailman/listinfo/bits
