Re: Local users get to play root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 2009-11-18 20:30, schrieb Konstantin Ryabitsev:
2009/11/18 nodata<lsof@xxxxxxxxxxxx>:
Am 2009-11-18 20:20, schrieb Richard Hughes:

2009/11/18 Casey Dahlin<cdahlin@xxxxxxxxxx>:

By the admin's first opportunity to change the settings the box could
already be rooted.

I'm not sure how you can root a computer from installing signed
content by a user that already has physical access to the machine.

You install software with a known buffer overflow before it is fixed and
exploit it. More software = more chances to exploit. Bingo!

If a user logged in from a physical local console wanted to exploit
their machine, this would be the hard way to do it.

If the servers are in locked racks and you require a reboot to get access to a grub prompt which is not password protected, then the outage would trip the monitoring system.

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux