All I'm trying to say is that adding someone to group root should not be exploitable, at least not without further misconfiguration.
robert On Sunday 27 August 2006 21:37, Bruce Dubbs wrote: > Robert Connolly wrote: > > It's an open door for someone in group root to escalate their privileges. > > Anyone in group root can copy /bin/bash to /bin/ping. > > Its a pretty stupid administrator that puts *anyone* in the root group. > I've never seen it, but it could be done. > > -- Bruce
pgpCu3VH8Lqaq.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
