Michael O'Keefe wrote:

> >>That user is exposed, nobody else is
> >
> >local user access + local root exploit = remote root.
>
> So your problem is local root exploit

Your password is exposed. Now J Random Script Kiddie can log in. Use that local root, and BAM remote root. The problem is not local root, it is remote root.

> Fix the problem, don't hide it by making users change their passwd.
> or do you trust your users to not use the root exploit, just because ...

Do you follow BugTraq? VulnDev? Other security-focused mailing lists? Local escalations are not exactly rare. And they happen to exist _before_ they are discovered.

Can you state that right now all of your systems have *no* privilege escalation vectors? (Obviously, things like su don't count as they are legitimate). Systems like LIDS and SELinux go a long way to mitigate. Are you using something like that and know (i.e., have extensively tested) that it is set up properly?

As I said in reply to Lan, I may be a bit more paranoid than others in this regard.

-john
