On Sat, 2003-11-29 at 04:05, Martin Pitt wrote: > - It needs an extra account ("security officer" with UID 400) which is > a pretty bad idea IMHO. Since once you are SO (cracked/sniffed > password etc.), you can alter anything which seems like a giant > security risk to me.
If the password to any account that can become an administrator is cracked, you're generally screwed regardless of what access control framework you use (at least if the password is your only method of authentication). I gather grsec's admin password can be different from the user account's? Even so, someone who's cracked your account could install a trojaned shell in your ~/bin or something, and sniff your admin password.
signature.asc
Description: This is a digitally signed message part