* Joey Hess <[EMAIL PROTECTED]> [000926 14:52]: > Nicolás Lichtmaier wrote: > > Your point is so obvious. duh... how did I miss that? > > Of course that cracking bin would be like cracking root...! > > This is not an issue if > > a) bin has no passowrd so people cannot log in as bin > and > b) nothing on the system is suid bin
Joey, if bin owns ls, then someone that cracks the bin account (via some non-interactive means) could replace ls with a version of ls that opens a port connected to a shell. The next time root runs ls, there is a shell running as root sitting open, ready for someone to connect with netcat. So, cracking whatever account owns the system binaries is tantamount to cracking root, whenever root executes one of those programs. Right?
