Local users get to play root?

nodata lsof at nodata.co.uk
Wed Nov 18 19:27:10 UTC 2009


Am 2009-11-18 20:20, schrieb Richard Hughes:
> 2009/11/18 Casey Dahlin<cdahlin at redhat.com>:
>> By the admin's first opportunity to change the settings the box could already be rooted.
>
> I'm not sure how you can root a computer from installing signed
> content by a user that already has physical access to the machine.

You install software with a known buffer overflow before it is fixed and 
exploit it. More software = more chances to exploit. Bingo!




More information about the fedora-devel-list mailing list