On Wed, Jan 04, 2006 at 06:25:02PM +0100, martin f krafft wrote: > > Nevertheless the sysvinit maintainers thought it would be a good > > idea to ask here whether anyone sees any security problems arising > > from this feature. > > ... sounds like a nice way to infest a system with a trojan, in > addition to kernel modules and other Linux maladities. That is, if > the attacker gets root...
Yes, but we've already established through years of experience that, once an attacker has root access, all bets are off. It's like that class of local root exploits that are only available to users already authenticated as root... noah
signature.asc
Description: Digital signature
