Gian Uberto Lauri wrote: > Bob Proulx writes: > > How would this be accomplished? (Answer cannot contain a use of sudo! > > No circular logic please.) > > ... > > Right. Because normal users can't change the system time. > > Sorry, wrong. With 'folk ALL=(ALL) ALL', user folk can run as root ANY
That is a user that already has full root privileges! That is not a normal user. That is a user that already has root. If they have root then they are already an administrator on the system and don't need to break into it. > program including 'date -s'. Or at least 'sudo bash', and then live > happy with a shell executed with the root id. And what did I specifically say? I hinted at what would be a wrong answer. I said not to give an example using sudo. Because obviously root can change the clock. What did you do? You gave an example using sudo to use root to change the clock! Of course root can change the clock. Not an interesting case. > If your /etc/sudoers contains 'yourusername ALL=(ALL) ALL' try running > sudo date 20000101 > and feel younger ;) Did you also know that users who have the root password can use su to become root too? Users with the root password can change the system. Shocking! No. Not really. The amount of misinformation in this thread causes me almost physical pain. > > If they could other attacks would also be possible. > > Since they can change the date... Root can always change the date. That isn't interesting at all. The better attack against the clock is to attack the network side of NTP. If you can adjust the clock from the network (also not possible in a default configuration) then you could get some grip on this. But by default you can't do that against NTP either. Bob
signature.asc
Description: Digital signature
