From: jonathan at nuclearelephant.com (Jonathan A. Zdziarski)
Subject: Fedora/RedHat ConsoleHelper Privileged Access Preserved

I noticed running Gnome 2.4 on Fedora that privileged access acquired
via the console helper (and pam) is preserved after the user logs out
and back in, for at least an adequate amount of time to log back in and
retain root privileges.

In general, people don't share accounts but this could present a problem
on a shared NOC machine or a machine with a single administrative
account that is managed remotely.  If a user logs out after being
granted privileged access, another user can log right back in to the
administrative account and still have this access.

As I said, this isn't a big deal since most systems will have individual
user accounts, but this isn't always the case.

Jonathan


