[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack



Matthew Miller wrote:
[snip]
>> If you can get someone to run an executable as root, then you can do
>> just about anything you want.  The only exception would be if they did a
>> good job with SELinux, but if they did a good job with SELinux they
>> wouldn't be running unknown executables as root.
>
> As Linux becomes more popular, there will be more and more 'inexperienced
>  sysadmins' -- that is, people who heard that Linux was better than
> Windows
> and just want it to go on their system. Unless we start teaching good
> sysadmin practices in grade school (which I'm all for, honestly), this
> issue is going to become more and more of a problem. Education is part of
> the solution, and technical measures like SELinux and better
> end-user-targetted config tools definitely are too. But saying that this
> is just PBCAK and dismissing it as not a real threat is just burying our
> heads in the sand.

Running untrusted executables as root is a PBCAK.  Period.  I don't care
what OS you are running, be it Linux or BSD or WinXP.

In this context, the reason that Linux is "better than Windows" is because
it was designed from the ground up to do day to day tasks with a non-root
user.  Anyone that circumvents this (Linspire anyone?) is asking for the
same trouble that a Windows system always running as root has.

I have no more problem dismissing this "virus" than I have dismissing a
person that shoots themselves cleaning a loaded gun.  I don't blame the OS
any more than I would blame the gun.

--
William Hooper


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]