John W Baxter <[EMAIL PROTECTED]> wrote: > So far, I haven't found a need to "enable" root (I root about as a basic > part of my job, on other machines). So the only way for me to "be" > root--as opposed to getting the power via sudo--is to exploit this > really annoying hole. There's not much distinction, since you can execute the command "sudo su" and get a root prompt. The default setup might be a slight bit more secure than actually allowing root to log in directly, but not much. A more secure situation would be to give only certain specific powers to each sudoer. Personally I haven't cared enough to do this, since the hassle would outweigh the benefits in my case. And if someone malicious gains physical access to my machine, I have bigger problems to worry about, like "how come I suddenly have enemies who are breaking into my apartment?" or "who stole my iBook?". =) -Ken
- Re: setuid root hole... oops! Jim Cooper
- Re: setuid root hole... oops! gregor420
- Re: setuid root hole... oops! Sandor W. Sklar
- Re: setuid root hole... oops! Ed Silva
- RE: setuid root hole... oops! Cranz, Gregory
- Re: setuid root hole... oops! Greg Bossert
- Re: setuid root hole... oops! Wilfredo S�nchez
- Re: setuid root hole... oops! Mac OS X Perl User
- Re: setuid root hole... oops! Greg Bossert
- Re: setuid root hole... oops! John W Baxter
- Re: setuid root hole... oops! Ken Williams
- Re: setuid root hole... oops! Jim Cooper
- Back to Perl (was: setuid root ho... John Siracusa
- Re: Back to Perl (was: setuid... Ken Williams
- Re: Back to Perl (was: setuid... John Siracusa
- Re: mod_perl(was BACK to Perl... Jim Cooper
- Re: mod_perl(was BACK to Perl... John Siracusa
- Re: mod_perl(was BACK to Perl... Hardi Bales-Stutes
- Re: mod_perl(was BACK to Perl... John Siracusa
- Re: mod_perl(was BACK to Perl... Hardi Bales-Stutes
- Re: mod_perl(was BACK to Perl... John Siracusa
