Ruud de Rooij <[EMAIL PROTECTED]> wrote: > > (of course, this attack can be prevented using mount options to > disable setgid executables on all filesystems where users have write > access)
But the user can still leave a process running with the privileges after he logs out. Now whenever he logs in from anywhere else in the world, he can request the privileges from that process. -- Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
