sux, an enhancer for su
James Cameron
jc at raven.bu.edu
Fri Apr 26 05:15:13 AEST 1991
>>>>> On 25 Apr 91 17:31:26 GMT, kyle at uunet.uu.net (Kyle Jones) said:
Kyle> Tom Christiansen writes:
> And this is a feature??? If there are users who can become root
> without a password, then it's MUCH easier to subvert the
> system.
Kyle> I think we're talking around each other. Most people understand
Kyle> the decrease in security. What you gain is ease of use and
Kyle> safety. Using a root shell is like using a table saw without the
Kyle> guard plate. Make it easy for people to become root when they
Kyle> need to, and they're less likely to run as root when they don't
Kyle> need to. This is what the command is supposed to offer. As for
Kyle> the consequences, well, there are always tradeoffs.
Wait, since when is typing an 8 character password time consuming or
difficult?? *I* certainly don't want to worry that if I suddenly have
to leave the room for a brief second, that someone is going to type
sux and have access to root privs. I find this to simply be a
MAJOR security risk.
jc
--
-- James Cameron (jc at raven.bu.edu)
Signal Processing and Interpretation Lab. Boston, Mass (617) 353-2879
------------------------------------------------------------------------------
"But to risk we must, for the greatest hazard in life is to risk nothing. For
the man or woman who risks nothing, has nothing, does nothing, is nothing."
(Quote from the eulogy for the late Christa McAuliffe.)
More information about the Alt.sources.d
mailing list