On Mon, 26 Dec 2005 11:39:22 -0500, Dave Feustel <[EMAIL PROTECTED]> wrote:
>Don't use sudo in any konsole session. Dave, I don't think you're nuts but the fear mongering without providing any proof or details of a compromise is questionable at best. If you really were compromised while running OpenBSD, you aren't the first and probably won't be the last. As for leaving a terminal window open with root privs, sudo or su, it has *always* been a bad idea: http://seclists.org/lists/bugtraq/2002/May/0294.html As you can see from what happened to Dug Song and monkey.org, the problem may not be konsole itself, instead, your sudo-enabled konsole session could have been taken over via an exploit in some other application you are running. jcr
