Aviram Jenik <[EMAIL PROTECTED]> writes:
> Man, I'd like to be a user on your system...
>
> Given a shell account, it's almost trivial to gain root. Read bugtraq and
> you'll see. A rootshell bug is discovered every week. In a course of a year,
So?! Just make all SUID binaries mode 4750 belonging to some
designated group (suid) and make only _trusted_ users members of that
group. Of course, the untrusted guys will have problems changing
passwords / running a mail queue on their own, but that is not such a
big deal as having someone playing with a most recent root shell
exploit.
--
Alexander L. Belikoff
Bloomberg L.P.
[EMAIL PROTECTED]
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
