On Mon, 2013-12-09 at 18:13 +0100, Gian Uberto Lauri wrote: > Think about this scenario: someone devises a clever way to slip a > Trojan in a user account.
Than the trojan has got user privileges only. If it's a key logger it can read what password you type for sudo, but also what you type for su. User 1000 who has got cow powers when using sudo, does not have the cow powers without running sudo. It doesn't matter if you set-up and use sudo, su or sudo and su. Security is a combination of actions to be taken. I know they hack servers, but was the Linux home PC of anybody on this list ever hacked? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1386610474.14806.166.camel@archlinux
