[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] Backups - Newbie

Subject: Re: [cobalt-developers] Backups - Newbie
From: Arthur Corliss <corliss@xxxxxxxxxxxxxxxxxxxx>
Date: Tue Aug 15 11:28:43 2000

On Tue, 15 Aug 2000, H.P. Stroebel wrote:

> btw: if you use "su", you should call it ALWAYS with the complete path
> ("/bin/su") to decrease the danger of trojans. and instead of telnet,
> you should use ssh. see the knowledge base for installation
> instructions.

;-)  You're more paranoid than I am.  First of all, '.' should never be in
your path to begin with, and second of all, if the rest of your path (which
typically will be only the /bin:/usr/bin:/usr/local/bin, etc.) has been
compromised, it usually takes root powers to do so.  So, the trojan will *be*
/bin/su, and you've gained nothing.

	--Arthur Corliss
	  Bolverk's Lair -- http://www.odinicfoundation.org/arthur/
	  "Live Free or Die, the Only Way to Live" -- NH State Motto

Follow-Ups:
- Re: [cobalt-developers] Backups - Newbie
  - From: H.P. Stroebel

References:
- Re: [cobalt-developers] Backups - Newbie
  - From: H.P. Stroebel

Prev by Date: Re: [cobalt-developers] secondary name server - HELP
Next by Date: Re: [cobalt-developers] secondary name server - HELP
Previous by thread: Re: [cobalt-developers] Backups - Newbie
Next by thread: Re: [cobalt-developers] Backups - Newbie

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index