* Thomas Bushnell BSG ([EMAIL PROTECTED]) wrote: > Stephen Frost <[EMAIL PROTECTED]> writes: > > Same way you know that the system administrator hasn't modified a file > > in /usr/bin. > > Um, I know that by comparing the contents against a known-true > version. How do I detect whether the system administrator has used a > UID?
Except last I checked, we don't do such comparison. If you really
wanted to know if the UID was used you could do a find /, etc. Neither
is necessary though, which is the point.
> Moreover, the consequences of getting the one wrong are that you
> delete the sysadmin's changes. The consequences of the other are an
> important and difficult-to-detect security hole.
This is just patently false, as has been pointed out elsewhere. What
security hole, exactly, is created by orphaning a file?
Thanks,
Stephen
signature.asc
Description: Digital signature
