John H. Robinson, IV wrote:
Michael O'Keefe wrote:
What does it matter ?
That user is exposed, nobody else is
local user access + local root exploit = remote root.
So your problem is local root exploit
Fix the problem, don't hide it by making users change their passwd.
or do you trust your users to not use the root exploit, just becoz ...
--
Michael O'Keefe | [EMAIL PROTECTED]
Live on and Ride an 06 BMW R12GS HP2 | [EMAIL PROTECTED] / |
I like less more or less less than |Work:+1 858 845 3514 / |
more. UNIX-live it,love it,fork() it |Fax :+1 858 845 2652 /_p_|
My views are MINE ALONE, blah, blah, |Home:+1 760 788 1296 \`O'|
blah, yackety yack - don't come back |Fax :+1 858 _/_\|_,
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
