Robert Connolly wrote:
> The libcap-1.10/doc/capability.notes file says it's more secure for root to
> not own any files on the system. It suggests having a 'system' user, who
> never logs in, owning everything that root would normally own. This is true
> to an extent...

Okay... Some random daemon running as root without root's fs caps gets cracked. There is /bin/su owned by root for sure, so he modifies it, makes it setuid again and then switches to some random uid and runs /bin/su that does what is required.
Would that work? How do you defend against this, if it does?
