%% Mark Roach <[EMAIL PROTECTED]> writes: mr> Note: if you tell me that he is going to boot off a knoppix CD and mr> crack root on the box to su to userB, you must give me at least mr> one example of an alternative that is not susceptible to an attack mr> by a malicious local root
Any method that forces the client to authenticate himself by more than simple UID. It must be doable since Windows SMB does it: having Administrator privileges on your Windows box doesn't give you the ability to read anyone else's files on a remote SMB share. For example, there are versions of NFS that use Kerberos for authentication. In this scenario simply being root (which given physical access to the box is obviously trivial) won't get you access to someone else's files. I don't personally know of any site that uses this, but it's in the NFS standards. You may argue that if you have root access on your target's box you can snoop enough information to fake out Kerberos, and you're probably right. You can install trojans, for starters. But at least you have to have root access on _their_ box and you have to do some work that is potentially detectable; with normal NFS all you need is root access on your _OWN_ box, plus a trivial "su", which is far, far simpler to accomplish, and virtually untraceable. -- ------------------------------------------------------------------------------- Paul D. Smith <[EMAIL PROTECTED]> HASMAT--HA Software Mthds & Tools "Please remain calm...I may be mad, but I am a professional." --Mad Scientist ------------------------------------------------------------------------------- These are my opinions---Nortel Networks takes no responsibility for them. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]