Vulnerability Development mailing list archives
Re: Window manager - implementation bug/feature ???
From: mithun () CYBERSPACE ORG (Mithun Bhattacharya)
Date: Tue, 12 Oct 1999 03:02:34 -0400
Hi, First of all my appologies to the group I didn't verfiy what I was doing before shooting off like that !! To clarify It has nothing to do with the Window manager. As told earlier this is a new feature added in RedHat 6.0. http://www.redhat.com/knowledgebase/newpam/ Another thing which got a few people confused was the /dev/hdc - I believe I had written that is my cdrom drive - my appologizes if that wasn't written clearly enough. BUT what I think everyone missed in all the discussion is that the devices are still owned by the non-priviledged user even though the superuser did a su and he is using the console with root priviledges. I think the whole topic needs some more discussion as to how the system can give access to certain devices to non-priviledged user (upon login on console only) without giving access to the raw device itself. I don't think it is a good idea to give access to the raw device. According to the responses till now Debian and Solaris have handled the situation in different ways. What I would like to hear are the security implications of the three methods discussed till date. Any comments will be highly appreciated (even though I w as so late in replying). Regards Mithun
Current thread:
- Re: Window manager - implementation bug/feature ??? Timothy J. Miller (Oct 07)
- <Possible follow-ups>
- Re: Window manager - implementation bug/feature ??? Mithun Bhattacharya (Oct 12)