1 |
On Wednesday 28 July 2004 02:33 pm, Klaus Wagner wrote: |
2 |
> > # /emerge/.profile |
3 |
> > if [ "`echo " $(who) "|grep "^\ $(whoami)\ "`" != "" ]; then |
4 |
> > echo "Only login via 'su' permitted." >&2 |
5 |
> > exit 1 |
6 |
> > fi |
7 |
> keep in mind that if emerge user has write access to it's homedir |
8 |
> (which is quite normal and needed by much applikations) the emerge |
9 |
> user could easily change (replace) it's own .profile even if it has no |
10 |
> write permissions to it. |
11 |
|
12 |
yep, and you could, in theory, CTRL+C the check couldnt you ? |
13 |
probably only happen on a very heavily loaded box ... but that's not something |
14 |
i'd bet security on ;) |
15 |
-mike |
16 |
|
17 |
-- |
18 |
gentoo-security@g.o mailing list |