Dailydave mailing list archives
Re: PrivSep
From: "Darren Spruell" <phatbuckett () gmail com>
Date: Tue, 19 Jun 2007 16:16:44 -0700
On 6/19/07, Sebastian Krahmer <krahmer () suse de> wrote:
Not to mix up with Priv Sepp wich is me (maybe only a funny joke in german:) http://c-skills.blogspot.com/2007/06/note-on-privilege-separation.html Especially the recursive aspect of sneaking into a session makes this a real problem.
Interesting, but is there ever an assumption that these sessions are "secured" from the superuser in Unix in the first place? - root has direct access to memory to retrieve session keying material - root can read the shadow password file - root can trojan/patch sshd to collect credentials and session data - root can read/write the pty - ... Seems like fearing root on a (local or remote) system you're logging into is a little redundant. DS _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- PrivSep Sebastian Krahmer (Jun 19)
- Re: PrivSep Darren Spruell (Jun 20)
- Re: PrivSep Sebastian Krahmer (Jun 20)
- Re: PrivSep Damien Miller (Jun 20)
- Re: PrivSep Sebastian Krahmer (Jun 20)
- Re: PrivSep Darren Spruell (Jun 20)