[Ti] need root help

Tom R. no spam tr5374 at csc.albany.edu
Mon May 31 01:36:52 PDT 2004


Various attacks activate at the privilege level of the active
legitimate user or the active process.  Avoiding root as much
as possible is a standard security measure.  Cf the current
Secunia 11622 security problem with OSX (which I think has been
brought up on this tiBook list).  Note one of the interim "Best
practices recommendations" is "Do not surf the Internet as a
privileged user."  Some suggest creating a separate non-admin
user and web browse only as that non-admin user.

http://secunia.com/advisories/11622/
http://www.euronet.nl/~tekelenb/playground/security/URLschemes/

Actually, FWIW, Kynan's description of the root user pecularity
he ran into (while testing about the Dvorak issue) sounded to me,
from the incomplete info given, not inconsistent with a possibility
of a root-level-access backdoor being present.

On Sun, 30 May 2004, Kynan Shook wrote:

> Enabling the root user is not a security risk; it's just risking
> allowing an uninformed user to do things he or she shouldn't.  Even
> "sudo" is a risk that way; a sudo rm can do major damage if you put a
> space in the wrong location in the path name.  The only way that
> enabling the root user would be a security risk is if it has a weak
> password, in which case your admin account is probably at a similar
> risk.
 . . .
> "Tom R. no spam" <tr5374 at csc.albany.edu> writes:
> > Always worth mentioning that having root user enabled can be
> > a significant security vulnerability.  That's why it's not
> > activated in default state of OSX, having the "sudo" command
> > line functionality available instead.  And if Kynan's system is
> > in this irregular a state after his actions, this root being
> > available even tho the system seems not to know it seems
> > worth being concerned about.



More information about the Titanium mailing list