| 1 |
*ix vets should know this already, but I was thinking about it again |
| 2 |
today, wondering how many sysadmin (and every Gentoo system user with |
| 3 |
root access is effectively a sysadmin) newbies know it, thus this post. |
| 4 |
|
| 5 |
No untrusted or non-root user should be able to set the path for root, or |
| 6 |
write to any directories found in that path. If they can, or can |
| 7 |
otherwise convince a root user to run an executable that they can write |
| 8 |
to, they effectively already have root. |
| 9 |
|
| 10 |
Something to think about when you are running as root. Do you ever as |
| 11 |
root run scripts or other executables that a user has write access to? |
| 12 |
Are your system permissions and root path setup appropriately so you |
| 13 |
can't run them by default, perhaps when someone puts their own version of |
| 14 |
something like ls earlier in your path than the system version? |
| 15 |
|
| 16 |
Some cautious admins make it a practice to always use a full path when |
| 17 |
invoking a command as root. That's a good practice, as far as it goes, |
| 18 |
but to be really effective, they must ensure no scripts or other commands |
| 19 |
they run as root, invoke anything else without full path either. That's |
| 20 |
a tough one, even tougher than teaching yourself to always use a full |
| 21 |
path, so not so many bother. |
| 22 |
|
| 23 |
Who knows, maybe this will prevent someone reading it from getting |
| 24 |
rooted. Like I said, I was just thinking about it, and decided it might |
| 25 |
be something worth posting. |
| 26 |
|
| 27 |
-- |
| 28 |
Duncan - List replies preferred. No HTML msgs. |
| 29 |
"Every nonfree program has a lord, a master -- |
| 30 |
and if you use the program, he is your master." Richard Stallman |
| 31 |
|
| 32 |
-- |
| 33 |
gentoo-amd64@l.g.o mailing list |
Archives