[TriLUG] Privileges and Social Engineering
Mike Johnson
mike at enoch.org
Sat Jun 12 22:42:10 EDT 2004
Jeff Tickle [jtickle at jtsoft.net] wrote:
> So on the Apple, does the user set the root password at some point? You
Nope. They have a concept of 'administrative' users. These users can
use sudo (from the command line) or authenticate through the GUI when
root-ish powers are needed.
Now, you -can- enable the root account and give it a password, but it's
a bunch of hoops, and noob's will never do it.
> make a good point that there are still good vulnerabilities in the home
> directory. I didn't think of those, and there's no real way around
> them. And you'll always indeed have the very few people (but enough)
> who install that cool program that "Bob" sent them. I don't suppose
> there's any real good way of getting around the problem...
A very tight SELinux setup might pull it off, but it'd be annoying
enough that regular users wouldn't use it.
> Oh well. It was just a thought. Possibly still not a bad idea, but
> definitely not a 100% effective solution.
Though, there is something to be said for an 80% solution...
Mike
--
"If life hands you lemons, YOU BLOW THOSE LEMONS TO BITS WITH
YOUR LASER CANNONS!" -- Brak
GNUPG Key fingerprint = ACD2 2F2F C151 FB35 B3AF C821 89C4 DF9A 5DDD 95D1
GNUPG Key = http://www.enoch.org/mike/mike.pubkey.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20040612/fa5b008d/attachment.pgp>
More information about the TriLUG
mailing list