[olug] restricted term
Will Langford
unfies at gmail.com
Thu Jan 15 20:09:14 UTC 2009
... I've seen gnome and such ask for super user passwords when attempting to
do something it knows is going to require that kind of access.
Is there any way to set something like that up that will run a shell script
that will then change permissions of an xterm to executable, run it, then
change permission back to non executable ?
This way you use the built in stuff for privilege escalation and possibly
only leave a small window of attack for the xterm executable to be run as
non-root ?
Similarly -- is there any chance to have xterm and such be setuid/setgroup'd
so that it runs as 'nobody', thereby denying it access to /dev/pt* ?
Lotsa questions similar to that.
-Will
More information about the OLUG
mailing list