k...@aspodata.se writes: > Arnt Gulbrandsen: >> By now, the concept of unprivileged local users is a little obsolete >> anyway. > > Yes, unless you let your kids or some guests use your computer.
How many of your "kids and guests" even know what a kernel is, let alone how to exploit a bug in one? >> Today, hosts generally serve only one unix user, there >> generally is only one local user of one host, and that local user is >> the user that owns everything valuable. So is the a real point to >> local-user-to-root exploits? I suppose there is, but it is much smaller >> than it was ten or twenty years ago. > > The problem is not the local user == the owner, instead it is an > unknown breaking in as a local user and then gaining root powers. That's not going to be terribly difficult on a system I use as accounts I'm using usually can get root via sudo without entering a password. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
