bash
Gene Heskett
gene.heskett at verizon.net
Wed Dec 7 13:12:17 UTC 2005
On Wednesday 07 December 2005 07:48, Matthew Miller wrote:
>On Wed, Dec 07, 2005 at 01:10:55AM -0500, Gene Heskett wrote:
>> >>and why would you want to do that?
>> >
>> >Cos' that user is only allowed to do cp mv and chmod, not anything
>> > else.
>> >regards
>>
>> And thats enough to own the box.
>
>How?
>
If he can cp and mv something malicious, then chown it to a lower
numbered user, I think he could gain root privs if he was suitably
creative. Maybe not, but it would certainly bear watching/logging IMO.
>--
>Matthew Miller mattdm at mattdm.org
> <http://mattdm.org/> Boston University Linux ------>
> <http://linux.bu.edu/>
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.36% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
More information about the fedora-list
mailing list