cross-platform virus
Jan Claeys
lists at janc.be
Sat Apr 8 19:38:00 BST 2006
On Sat, 08-04-2006 at 19:13 +0200, Eric Feliksik wrote:
> You have a point; if you compromise a sudo-enabled user-account, you can
> compromise the whole system (in practice). This has been discussed
> several times before, and the developers seem to agree on this and
> accept this.
>
> This is because it's not difficult to make the user run the malware with
> root-privileges; just make your malware replace an existing
> gksudo-enabled shortcut (modify entry in System-menu, show an
> update-notifier icon, etcetera). This can be done with user-privileges.
> If you give the program a clever name (like gdm-setup, to fake being
> gdmsetup, etcetera) no-one will notice. Next time it is run, you enter
> your password (via the normal gksudo, nothing nasty), but the actual
> program that is run, *is* nasty, and running with root privileges.
It should be possible to lock this down so that launchers & menu entries
for "admin" tools can only be changed with root privileges?
--
Jan Claeys
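
A defender-side check for the weakness discussed in this thread, as an added example that is not part of the original post: it flags per-user launcher files that ask for root, or that override a system launcher of the same name with a different command. The directory layout (`~/.local/share/applications` over `/usr/share/applications`), the `ELEVATORS` list and the sample launcher files are assumptions constructed for illustration.

```python
import os, shlex, tempfile

ELEVATORS = {"gksudo", "gksu", "sudo", "pkexec", "kdesu"}  # assumed list

def exec_value(path):
    """Return Exec from the [Desktop Entry] group; None if absent or unreadable."""
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            lines = [l.strip() for l in fh]
    except OSError:
        return None
    in_group = False
    for line in lines:
        if line.startswith("["):
            in_group = line == "[Desktop Entry]"
        key, sep, value = line.partition("=")
        if in_group and sep and key.strip() == "Exec":
            return value.strip()
    return None

def audit(user_dir, system_dir):
    """Return (file, reason) pairs for user-writable launchers to review."""
    findings = []
    for name in sorted(n for n in os.listdir(user_dir) if n.endswith(".desktop")):
        cmd = exec_value(os.path.join(user_dir, name))
        if not cmd:
            continue
        try:
            argv = shlex.split(cmd)
        except ValueError:  # unbalanced quotes: fall back to a plain split
            argv = cmd.split()
        if argv and os.path.basename(argv[0]) in ELEVATORS:
            findings.append((name, "requests root from a user-writable file"))
        sys_cmd = exec_value(os.path.join(system_dir, name))
        if sys_cmd is not None and sys_cmd != cmd:
            findings.append((name, "overrides system launcher, different Exec"))
    return findings

def demo():
    """Audit constructed sample launchers written to a temporary directory."""
    samples = {("system", "gdmsetup.desktop"): "gksudo /usr/sbin/gdmsetup",
               ("user", "gdmsetup.desktop"): "gksudo /home/example/bin/gdm-setup",
               ("user", "editor.desktop"): "gedit %U"}
    with tempfile.TemporaryDirectory() as root:
        for (sub, name), cmd in samples.items():
            os.makedirs(os.path.join(root, sub), exist_ok=True)
            with open(os.path.join(root, sub, name), "w") as fh:
                fh.write("[Desktop Entry]\nType=Application\nExec=%s\n" % cmd)
        return audit(os.path.join(root, "user"), os.path.join(root, "system"))
```

On a real system, call `audit(os.path.expanduser("~/.local/share/applications"), "/usr/share/applications")` and review each reported file by hand.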