[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: More PATH fallout. Who decided this was a good idea?



On Sat, 2008-12-06 at 10:12 -0800, Jesse Keating wrote:
> On Sat, 2008-12-06 at 13:07 -0500, Steve Grubb wrote:
> > Nope, we took the perms away. Problem solved. :)
> > 
> 
> Er, you took the perms away from the one we ship, but not one that a
> user can gather from the network, or copy in from elsewhere.  Surely
> you'd want to audit any attempt at these things, not just from root
> level users?

Furthermore, we're supposedly gaining security by preventing
*unprivileged* user accounts from executing usermod, yet an ACTUAL
compromised scenario, like oh say breaking into root with a privilege
escalation vulnerability and modifying passwd and shadow directly with
kernel syscalls, goes unaudited?

Am I the only one who thinks this security model is mindbogglingly
broken and nothing more than security masturbation?

If you're not auditing at a lower level than executing /bin/usermod, you
are DOING IT WRONG period.

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]