| 1 |
On Wednesday 28 July 2004 02:33 pm, Klaus Wagner wrote: |
| 2 |
> > # /emerge/.profile |
| 3 |
> > if [ "`echo " $(who) "|grep "^\ $(whoami)\ "`" != "" ]; then |
| 4 |
> > echo "Only login via 'su' permitted." >&2 |
| 5 |
> > exit 1 |
| 6 |
> > fi |
| 7 |
> keep in mind that if emerge user has write access to it's homedir |
| 8 |
> (which is quite normal and needed by much applikations) the emerge |
| 9 |
> user could easily change (replace) it's own .profile even if it has no |
| 10 |
> write permissions to it. |
| 11 |
|
| 12 |
yep, and you could, in theory, CTRL+C the check couldnt you ? |
| 13 |
probably only happen on a very heavily loaded box ... but that's not something |
| 14 |
i'd bet security on ;) |
| 15 |
-mike |
| 16 |
|
| 17 |
-- |
| 18 |
gentoo-security@g.o mailing list |
Archives