[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On Wed, Nov 18, 2009 at 11:18:28PM +0530, Rahul Sundaram wrote:
> On 11/18/2009 11:19 PM, nodata wrote:
> 
> > 
> > Thanks. I have changed the title to:
> > "All users get to install software on a machine they do not have the
> > root password to"
> 
> .. if the packages are signed and from a signed repository. So, you left
> out the important part. Explain why this is a problem in a bit more
> detail.

They can install a package with a known local root exploit?

They can install lots of packages are fill up all the disk space?

They can install commands that the owner of the machine doesn't want?

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
programs, test, and build Windows installers. Over 70 libraries supprt'd
http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]