On 01/17/2015 09:02 AM, Rahul Sundaram wrote: > Hi > > On Fri, Jan 16, 2015 at 9:39 AM, Lubomir Rintel wrote: > > For this reason, I avoid privilege escalation when I need to conduct > privileged operations, but open a separate session. The sshd daemon > running with root privileges is more trustworthy to me than my user > session. > > I have no idea what you mean here. Turning off direct root login in SSH > doesn't make SSHD itself run as that user. SSHD is still running as root. I can't speak for Lubomir, but I'd guess he or she meant that as root, one's environment ($HOME/.bashrc, $HOME/.tcshrc for us weirdos, aliases, $HOME/bin/ contents, etc.) are unlikely to have been tampered with, unless an attacker has already gained root access anyway. Nothing to do with sshd per se. -- J. Randall Owens | http://www.ghiapet.net/
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
