Survival Time for Unpatched Systems Cut by Half
Brian Kelsay
BLKELSAY at kcc.usda.gov
Thu Aug 19 13:40:39 CDT 2004
>>> Brian Kelsay <bkelsay at comcast.net> 08/18/04 10:46PM >>>
> This is why you don't run as root. If you put your
>user ID in the root group, you're asking for it. I'd say that Java or
>flash, possibly C payloads could be delivered in this manner and have
>code to distinguish what environment they are in.
On a Debian based system, you put your user in the wheel group that allows you to "su" to root, but
you still need the root password. Gentoo has a similar group for this purpose.
----------------------------------------------
Somewhere there is a village missing an idiot.
Brian Kelsay
More information about the Kclug
mailing list