Mailinglist Archive: opensuse (3394 mails)

Re: [SLE] Making yourself have root permissions



On Tue, 07 Mar 2000, Sander van Vugt wrote:
> I'm sorry to be a pain-in-the-ass, but if I understand it correctly, the
> only downside of being logged in as root, is that I might be sleepy and do
> something stupid to myself. I still don't see the security risk in relation
> to potential hackers, like there was, for example in Netware 3.11.

Okay, for instance; there are known bugs in ircii-based IRC clients (ircii,
epic, BitchX, others) that would allow a foreign host to gain root access to
your system when said client is attached to an IRC server as root. ircii's
greatest strength is its highly scriptable architecture, and it used to be as
simple as a Tcl or PERL script that would allow your nemesis access to your
own box. Don't IRC as root.

Numerous applications have similar security holes that simply haven't
been found yet. Consider for a moment all of the bugs that old FTP servers and
old Sendmails had; part of the problem was the fact that they were running the
daemon as root, instead of a privileged user. An assailant writes a bit of C
to attach to the FTP daemon, causes a buffer overrun (the most common type of
attack these days), the daemon/application dies unexpectedly, and *!voila!*
Root shell. Read some Usenet one of these days; it'll be an eye-opening
experience. As a matter of fact, SuSE hosts an excellent (if slow)
security-related list. That makes for good reading, too ;).


--
-=|JP|=-
Jon Pennington | Atipa Linux Solutions -o)
jpennington@xxxxxxxxx | Kansas City, MO /\\
816-241-2641 x121 | http://www.atipa.com _\_V
