Re: [cobalt-developers] Backups - Newbie

[Arthur Corliss <corliss@xxxxxxxxxxxxxxxxxxxx>]

On Wed, 16 Aug 2000, H.P. Stroebel wrote:

> definitely not correct.
>
> most common are self-deleting su-trojans. it gives you a "password
> incorrect" error while saving the password, and then it deletes itself. 
> so you have the impression of a mistyping, when you call it again, you
> reach the original su.
> 
> trojaned su`s instead of the original should not be so common, as they
> would be easier to detect, due to lack of functionality or different
> checksums (even if there are certain "patches" for tripwire etc.)
> 
> btw.: i AM paranoid, but even little things are important.

I still find your pratice in this regard pretty much irrelevant.  Again:  if
someone has the ability to put a trojan in your path, then any infiltrator
with half a brain cell will have put the trojan in place of the correct
binary.  Even if it's a self-deleting variant, you're still just as hosed.

And any user with half a brain cell wouldn't place *any* directory in his path
that wasn't either directly controlled by himself or the system administrator.

Look at it any way you want to, but if they have the ability to put a trojan
in your path, explicity declaring the path isn't likely to add any security to
your environment.  All you're doing is engendering a false sense of security.

	--Arthur Corliss
	  Bolverk's Lair -- http://www.odinicfoundation.org/arthur/
	  "Live Free or Die, the Only Way to Live" -- NH State Motto