Mailinglist Archive: opensuse (3407 mails)
| < Previous | Next > |
Re: [opensuse] tarballs
- From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
- Date: Wed, 23 Jan 2008 00:00:14 +0100 (CET)
- Message-id: <alpine.LSU.1.00.0801222357500.25845@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Tuesday 2008-01-22 at 16:23 -0500, James Knott wrote:
Because, being a malware, bad things can happen. The malware designer could know of a hole that allowed it to escalate to root somehow.
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQFHlnWAtTMYHG2NR9URAgOLAJ9q1se8mASJNfq4Fws4UfgpMTebugCfRUVb
VRZMrSjg2h7Utye2788/EWU=
=8qd6
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Hash: SHA1
The Tuesday 2008-01-22 at 16:23 -0500, James Knott wrote:
Because David wrote, in the email you quoted:
] > The commands were executed by a root shell and was used to download
the ]> loader script,
I was thinking, at first glance, the same, that root was compromised. But
you are right, it's not always the case. Rather, it should never be the
case.
Again, why the root shell? Why wasn't that person using a user ID? In order to run a root shell, someone has to start a root shell. They don't just happen. There's a reason why root shouldn't be used, when not needed.
Because, being a malware, bad things can happen. The malware designer could know of a hole that allowed it to escalate to root somehow.
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQFHlnWAtTMYHG2NR9URAgOLAJ9q1se8mASJNfq4Fws4UfgpMTebugCfRUVb
VRZMrSjg2h7Utye2788/EWU=
=8qd6
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |