Re: Java allows root access without permission?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


  On 10/27/2010 01:00 PM, Michael Cronenworth wrote:
> Fedora 13 x86_64 with OpenJDK (not Sun) installed.
> I was required to login to a web site today to configure a VPN and the
> site installed a Cisco VPN Java applet. When it was finished installing
> and was running I noticed the processes where running as root and had
> installed into /opt. I had not given it my root password or any
> permission to do so. It did not install any RPM package. It was all
> driven by a Java applet.
> $ ps -efw #id 502 is me
> 502       4791  2668  0 11:16 ?        00:00:19
> /usr/lib/jvm/java-1.6.0-openjdk-
> sun.appl
> root      4923     1  0 11:16 ?        00:00:00 /opt/cisco/vpn/bin/vpnagentd
> Is this something "allowed" by some configuration setting in OpenJDK
> somewhere? I'd like to turn off this "feature" ASAP.
> Thanks,
> Michael
Wow! Michael, you may have discovered that  Java is
a backdoor trojan :) :)

users mailing list
[email protected]
To unsubscribe or change subscription options:

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux