Kirk Reiser, le Mon 13 Dec 2010 08:36:58 -0500, a ?crit : > I have never seen anything even > close to the type of condition we are hypothetically discussing. You mean, somebody with bad enough intentions? > I work for a very large university. My question of curiosity is > simply to determine why this is a possible concern in a very unlikely > event. Security is about unlikely events. > If something is a security risk then we need to determine what it is > and how to fix the problem rather than having security through > obscurity. We're not talking about obscurity, we're talking about restricting which users are able to write to these files. > BTW, I aggree with Chris that the best solution from my > perspective is to set-up a speakup group and use group writable bits. Sure. > I really don't think that is any less of a security risk however. Anything that can let a user change root's view of what is happening on a system can really be frowned upon. Samuel
