Hi Todd, James if only user accounts have been compromised
.bashrc .tscshrc .profile etc could be changed to soemthing else, then su would not be the real su. if possible logging in directly as root is the best option, less chance of a compromised user account meaning root is compromised as well. ssh host -l jg -t "/bin/su -l root" this means that the users shell is not used, /bin/sh is this uses /bin/sh which does not load .bashrc etc etc LD_PRELOAD is ignored as well due to sh being suid root JG Todd Lyons wrote: > J. Grant wrote on Sun, Oct 06, 2002 at 08:07:32PM +0100 : > >>theoretically not, if some1 has got a fake binary for your shell as a >>normal user, he/she can then log you getting root. best way is to get >>the ssh client to execute the login command as root and go in directly. >>(thus bypassing the binarys that could have been compromised) > > > If the user installed fake binaries (especially the shell), then they > already have root on your machine. > > Blue skies... Todd
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
