Re: again security proposal

Philip Blundell (Philip.Blundell@pobox.com)
Wed, 31 Dec 1997 13:06:49 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mario Mikocevic: "idex detection problem"
Previous message: Evan Moseman: "Black Linux port"
Maybe in reply to: Yuri Kuzmenko: "again security proposal"

>On Mon, 29 Dec 1997, Alan Cox wrote:
>
>> > No... See my message. chown must be run from root. This is "standard"
>> > operation (changing user uid, etc). Also, I think that my patch (or
>> > analog because I don't check all user's groups) must be included to
>> > further kernels as a configurable option.
>> Root is supposed to be able to do it. Fix your chown program if it upse=
>ts
>> you. Im sure GNU will take a chown --nolinked patch
>
>But 'hacker' can compile is't own tool.

The tool has to be run by root, though, and if the hacker can get root to run
arbitrary programs all is already lost.

Next message: Mario Mikocevic: "idex detection problem"
Previous message: Evan Moseman: "Black Linux port"
Maybe in reply to: Yuri Kuzmenko: "again security proposal"