On Thu, Nov 23, 2000 at 02:39:54PM +0100, Philippe Barnetche wrote: > Hi, > > you can change the PAM attributes of "su", avoiding local root to get user > account access. Of course, if your /etc is local, you'll still have the > problem. that would be very weak, if root could write to anywhere and compilers are available a very simple program to setuid(1000) would replace su quite easily. i have read about secure RPC which seems to somewhat solve NFS issues, but i think its not supported on linux. unfortunatly at this point it really boils down to: NFS is insecure, deal with it. -- Ethan Benson http://www.alaska.net/~erbenson/
PGP signature- Problems with root on network clients Alex Pires de Camargo
- Re: Problems with root on network clients Charles Goyard
- Re: Problems with root on network clients Ted Cabeen
- Re: Problems with root on network clients Tollef Fog Heen
- Re: Problems with root on network clients Philippe Barnetche
- Re: Problems with root on network clients Ethan Benson
- Re: Problems with root on network clien... Brad Allen
- Re: Problems with root on network c... Ethan Benson
- Re: Problems with root on netw... Tollef Fog Heen
- Re: Problems with root on netw... Carlos Carvalho
- Re: Problems with root on netw... Brad Allen
- Re: Problems with root on netw... Giacomo Mulas
- Re: Problems with root on network c... Daniel Jacobowitz
- RE: Problems with root on network clients Alex Swavely
- Re: Problems with root on network clients J-E.Schulz
- Re: Problems with root on network clients Brad Allen
