Re: brute force ssh attack

Matthew Miller wrote:
On Thu, Apr 28, 2005 at 09:29:22AM -0400, William Hooper wrote:

I'm sorry -- I thought that *was* the point. Seriously, what more
context does one need here?

Well, the question asked would be nice: "Thus it has some method of getting root privileges." The response: "Inexperienced sysadmins."


Okay. Sure. That is, "regular users of their own machines". :)

So it turns out I didn't miss the point at all.


So the "method of getting root privileges" is "regular users of their own
machines" running random executables (like the ones downloaded by a script
kiddie) as root.

I'm interested in hearing how you would like to close this vulnerability.


In this case, some simple "don't do that" would have helped. But the sort
of tricks that work on Windows users ("But the e-mail came from
my friend!" "I wanted to see the funny animation it said was in there!") can
work on Linux users too. We need to *address* that, not just say "this is
approximately zero threat". Obviously education is part of it. A more
sophisticated SE Linux could be another.

Umm.
If my email client runs programs included in email, that's a bug.
If it breaks when interpreting HTML or displaying graphics images or playing noises, that's a bug.


I can easily report bugs, and I can easily choose a different email client: I have half-a-dozen or so installed.

I was reading a little while ago about a tbird (script execution) bug on Windows. The moz folk fixed it the same day it was reported. The same problem occurs in The Beast's wares. The Beast is thinking about it.




For this particular situation, something like ClamAV + Dazuko would have helped. Obviously this wouldn't address the "rm -rf /" problem, but it *can* help with a lot of malware.

For "rm -rf /" to work at its best, it needs to be run with root privilege. On my systems, that would remove my files and nobody else's. It would be distressing to me, but the system would be fine.





--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

