Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Root - NO KDE
- Date: Mon, 24 Jun 2002 17:41:25 +0900
- From: Matt Doughty <mdoughty@example.com>
- Subject: Re: [tlug] Root - NO KDE
- References: <Pine.SUN.3.95.1020624134402.21615E-100000@example.com> <3D16B06C.9020505@example.com> <1024906114.3370.3.camel@example.com>
- User-agent: Mutt/1.4i
On Mon, Jun 24, 2002 at 05:08:32PM +0900, Eric Oliver Flores wrote: > Are you are referring to the recent found vulnerability? > The Mandrake Guys were quick to release a fix (MDKSA-2002-:039-2). > I hope! :) > All well and good, but you are completely missing the point. Anything that is run as root has access to the entire system. If someone finds a remotely exploit in some piece of software you run the possible damage that can be done is very much effected by the access rights of the compromised software. If you are running everything as root then you are wide open. Moreover, there is never a need to run Xfree as root. In a way this 'bug' is actually a security 'feature' that you really shouldn't be trying to fix. -Matt
- Follow-Ups:
- Re: [tlug] Root - NO KDE
- From: Eric Oliver Flores
- RE: [tlug] Root - NO KDE
- From: James Cluff
- Re: [tlug] Root - NO KDE
- References:
- Re: [tlug] Root - NO KDE
- From: Nguyen Hung Vu
- Re: [tlug] Root - NO KDE
- From: Josh Glover
- Re: [tlug] Root - NO KDE
- From: Eric Oliver Flores
- Re: [tlug] Root - NO KDE
- Prev by Date: Re: [tlug] Root - NO KDE
- Next by Date: Re: [tlug] Re: Piping stderr?
- Previous by thread: Re: [tlug] Root - NO KDE
- Next by thread: Re: [tlug] Root - NO KDE
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |