the funny thing about su, is that it asks you for a password first.
if they already know your password, then your already out of luck.
and if you first off log in as root, secondly leave it logged in, then
thats too bad for you.
if you went to the bathroom, they could just boot -s if they had access
sbr
ps. on my untrusted system i just deleted su, not like its really going to
help but it saves space in the log file
On Wed, 25 May 2005, Will H. Backman wrote:
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Mike
Sent: Wednesday, May 25, 2005 11:14 AM
To: misc@openbsd.org
Subject: Re: risky alias..
Jason Opperisano wrote:
On Wed, May 25, 2005 at 04:09:20PM +0300, Mike wrote:
would be easily to get password or something else.
if $bad_person has the ability to modify your user's or the
system-wide
shell initialization files, why exactly would they need to steal
your
password at that point?
-j
--
"Brian: Congratulations, Peter. You're the Spalding Gray of crap."
--Family Guy
i was just thinking that maybe my friend is a bad person or double
agent
or maybe the janitor is clever and attacks silently in that time when
im
going to bathroom and in a one time i forget to lock my desktop, then
all is lost and disaster is there.
Set the immutable flag on all of your files and then change the kernel
security level so that they cannot be changed even by root. All kinds
of things will break, but then you can leave your system logged on while
you walk away.
