[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: [LI] su permission

To: linux-india@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [LI] su permission
From: Sojan James <sojan@xxxxxxxxxxx>
Date: Fri, 19 Nov 1999 16:04:31 -0500 (Etc/GMT)
In-reply-to: <3.0.1.32.19991119115651.006aaef0@172.17.9.9>
Reply-to: linux-india
Sender: owner-linux-india@xxxxxxxxxxxxxxxxxxxxx

B
On Fri, 19 Nov 1999, m_hariprasad wrote:

> Hi, 
>      How do we restrict a normal user from using "su" command and gaining
> root permissions?

EVen if he/she uses the su command, he/she'll have to know the root
password to continue. If he/she does....then noone can help u.

You can remove /bin/su if you really want to be safe.
I recently saw a fabulous piece of
code which when executed and given the IP address if a RH5.2 machine
actually gives you a root shell on the machine without even having a user
account on that machine! This exploits the Wu-ftp bug.

NEone interested in the code?

Regards

Sojan.

--------------------------------------------------------------------
The Linux India Mailing List Archives are now available.  Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.

References:
- [LI] su permission
  - From: m_hariprasad

Prev by Subject: [LI] su permission
Next by Subject: Re: [LI] su permission
Previous by thread: Re: [LI] su permission
Next by thread: Re: [LI] su permission
Index(es):
- Subject
- Thread