Local users get to play root?
Rahul Sundaram
sundaram at fedoraproject.org
Thu Nov 19 09:01:19 UTC 2009
On 11/19/2009 02:30 PM, Bojan Smojver wrote:
> Rahul Sundaram <sundaram <at> fedoraproject.org> writes:
>
>> If you have a problem with this, do explain why. Not suggesting it is
>> not a problem but being more descriptive does help.
>
> This opens the door to all kinds of cascaded exploits that would otherwise not
> be possible (see: http://lwn.net/Articles/362640/). Then local users really get
> to play root, except that they are really remote users that just broke into your
> system.
.. err Jeff Garzik already made that point in this thread.
Rahul
More information about the fedora-devel-list
mailing list