On Tue, May 21, 2002 at 01:23:20PM -0500, Dave Sherohman wrote:
> On Mon, May 20, 2002 at 08:26:11PM +0100, Colin Watson wrote:
> > Like the document says, regularly su'ing to root from an account makes
> > compromising that account essentially equivalent to compromising root
> > anyway.
>
> How so? Regularly sudo'ing, sure, since that uses the user's password
> as a (hopefully limited) root password. Or if the user's password
> and the root password are the same (which is a problem unto itself).
> However, I have two separate (and relatively strong) passwords for my
> user account and for root. In this situation, how would frequent use of
> su from my account "make compromising that account essentially equivalent
> to compromising root"?
Do you check for processes running under your uid every time you run su?
Not many people do. It's sensible to consider an account root-equivalent
if it frequently escalates to root, and I know (paranoid) people who
maintain separate insecure and secure user accounts to make this explicit.

-- 
Colin Watson [EMAIL PROTECTED]
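The check Colin describes, as an added example that is not part of the thread and not anyone's published tool: a wrapper that lists every other process alive under the invoking uid and refuses to run su until you have looked at them. The function names (unexpected_procs, shell_ancestry, guarded_su) are this example's own, the live check assumes a procps-style ps as found on Linux, and the listing in the comments is constructed.

```shell
# Added example for this thread (not Colin's or Dave's code, and not a real
# tool): a guard that lists the other processes alive under the invoking uid
# before su runs. Function names are this example's own. Assumes a procps-style
# ps (Linux) for the live check; unexpected_procs itself is pure text filtering.

# unexpected_procs LISTING PIDS [SELF]
#   LISTING: lines in "pid ppid comm" form, as `ps -u UID -o pid=,ppid=,comm=` prints
#   PIDS:    space-separated pids that are expected (this shell and its ancestors)
#   SELF:    pid of the calling shell; the `ps` child it spawned for the check is ignored
# Prints every line whose pid is not in PIDS; returns 1 if any were printed.
# Constructed sample listing:
#   4210 4100 bash      <- the shell about to run su
#   4100 1 sshd         <- its parent
#   5121 1 xterm        <- something else alive as this uid
#   5130 5121 bash      <- ... and its child
unexpected_procs() {
    printf '%s\n' "$1" | awk -v ok="$2" -v self="${3:-0}" '
        BEGIN { n = split(ok, a, " "); for (i = 1; i <= n; i++) seen[a[i]] = 1 }
        NF >= 3 && !($1 in seen) && !($2 == self && $3 == "ps") { print; found = 1 }
        END { exit (found ? 1 : 0) }
    '
}

# shell_ancestry: pids of this shell and its parents up to pid 1, read via ps.
shell_ancestry() {
    pid=$$
    out=""
    while [ "$pid" -gt 1 ] 2>/dev/null; do
        out="$out $pid"
        pid=$(ps -o ppid= -p "$pid" 2>/dev/null | tr -d ' ')
        [ -n "$pid" ] || break
    done
    printf '%s' "${out# }"
}

# guarded_su: refuse to run su while anything else is alive as this uid.
# Whatever it prints is exactly what you would otherwise have trusted,
# unseen, before typing the root password into su.
guarded_su() {
    listing=$(ps -u "$(id -u)" -o pid=,ppid=,comm=)
    if ! unexpected_procs "$listing" "$(shell_ancestry)" "$$"; then
        echo "refusing: the processes above run as uid $(id -u); inspect them first" >&2
        return 1
    fi
    su "$@"
}
```

On a desktop session this guard fires every time, because dozens of processes run as your uid, and each of them has the same privileges as the shell you are about to type the root password into. That is Colin's point: nobody inspects that list before every su, so the account that escalates is, in practice, root-equivalent.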