Thus spake Ken Bloom ([EMAIL PROTECTED]):
> On Tue, 21 Oct 2003 18:20:22 +0200, Bijan Soleymani wrote:
>
> > On Tue, Oct 21, 2003 at 11:34:52AM -0400, Roberto Sanchez wrote:
> > For example imagine you make "cat" suid...
> >
> > Then someone can do:
> > cat /bin/rm /bin/cat
>
> Interesting atta
On Tue, 21 Oct 2003 18:20:22 +0200, Bijan Soleymani wrote:
> On Tue, Oct 21, 2003 at 11:34:52AM -0400, Roberto Sanchez wrote:
> For example imagine you make "cat" suid...
>
> Then someone can do:
> cat /bin/rm /bin/cat
Interesting attack in theory, but it doesn't work.
the correct command is cat
David Jardine wrote:
On Wed, Oct 22, 2003 at 09:45:09AM -0400, Roberto Sanchez wrote:
[EMAIL PROTECTED] wrote:
MS windows is 'friendly' to users and virii and cracker alike out of the
box. Us *nix folks like to keep our data a bit safer.
Not trying to start a flame-fest here, but the correct plu
On Tue, Oct 21, 2003 at 03:40:48PM -0400, Mark Roach wrote:
> On Tue, 2003-10-21 at 12:03, Bijan Soleymani wrote:
> [...]
> > For example imagine you make "cat" suid...
> >
> > Then someone can do:
> > cat /bin/rm /bin/cat
> > cat -rf /
>
> This would just output both /bin/rm and /bin/cat to your
On Wed, Oct 22, 2003 at 09:45:09AM -0400, Roberto Sanchez wrote:
> [EMAIL PROTECTED] wrote:
>
> >MS windows is 'friendly' to users and virii and cracker alike out of the
> >box. Us *nix folks like to keep our data a bit safer.
> >
>
> Not trying to start a flame-fest here, but the correct plural
[EMAIL PROTECTED] wrote:
MS windows is 'friendly' to users and virii and cracker alike out of the
box. Us *nix folks like to keep our data a bit safer.
Not trying to start a flame-fest here, but the correct plural form of
virus is viruses. I know that as GNU/Linux users this viruses are
something
HI B,
On Tue, 21 Oct 2003, Benedict Verheyen wrote:
> Hi,
>
> i'm wondering what the best method is of allowing a normal user account to
> do stuff like writing cd's, accessing local webpages (/var/www) and so on.
> There are a couple of methods like:
>
> 1. Making a group, put the user in that g
On Wed, 2003-10-22 at 02:53, Ryan Nowakowski wrote:
> On Windows, by default, there's no restrictions on who (or what) can
> install or run software. That's partially why MS is it such deep
> trouble right now in terms of security. However, if you prefer that
> level of convenience while knowingl
On Tue, 2003-10-21 at 12:03, Bijan Soleymani wrote:
[...]
> For example imagine you make "cat" suid...
>
> Then someone can do:
> cat /bin/rm /bin/cat
> cat -rf /
This would just output both /bin/rm and /bin/cat to your screen...
if you were to "cat /bin/rm > /bin/cat" you would get
[EMAIL PROTEC
On Tue, Oct 21, 2003 at 11:34:52AM -0400, Roberto Sanchez wrote:
> If the machine is isolated behind a firewall, then you probably have
> nothing to worry about. I think the concern is that cdrecord lets you
> remotely access the burning device, which could be trouble on a file
> server as you poi
Benedict Verheyen wrote:
2. In case of cd writing, you can set the SUID of cdrecord and related
programs or you can use sudo. Only problem with sudo is that the user
has to type sudo in front of the commands.
dpkg-reconfigure cdrecord, and then set it suid. Add users to the cdrom
group if you want
Rob Weir wrote:
On Tue, Oct 21, 2003 at 09:48:33AM -0400, Roberto Sanchez said
Benedict Verheyen wrote:
Hi,
i'm wondering what the best method is of allowing a normal user account to
do stuff like writing cd's, accessing local webpages (/var/www) and so on.
There are a couple of methods like:
1.
On Tue, Oct 21, 2003 at 09:48:33AM -0400, Roberto Sanchez said
> Benedict Verheyen wrote:
> >Hi,
> >
> >i'm wondering what the best method is of allowing a normal user account to
> >do stuff like writing cd's, accessing local webpages (/var/www) and so on.
> >There are a couple of methods like:
> >
>> 2. In case of cd writing, you can set the SUID of cdrecord and related
>> programs or you can use sudo. Only problem with sudo is that the user
>> has to type sudo in front of the commands.
>>
>
> dpkg-reconfigure cdrecord, and then set it suid. Add users to the cdrom
> group if you want them t
On Tue, Oct 21, 2003 at 12:22:36PM +0200, Benedict Verheyen wrote:
> What is the best method with security and user-friendliness in mind?
There's always a tradeoff: security for convenience. The more security
you have, in general the less convenient it is to use your computer.
> I mean, I could
Benedict Verheyen wrote:
Hi,
i'm wondering what the best method is of allowing a normal user account to
do stuff like writing cd's, accessing local webpages (/var/www) and so on.
There are a couple of methods like:
1. Making a group, put the user in that group and set that group as owner
of say /v
16 matches
Mail list logo
