[X-Unix] App launched by my crontab runs as root if Login Window!
Eric F Crist
ecrist at secure-computing.net
Mon Jun 6 13:48:23 PDT 2005
On Jun 6, 2005, at 2:51 PM, John Baltutis wrote:
> On 06/06/05, Eric F Crist <ecrist at secure-computing.net> wrote:
>
>> ~flipper wrote:
>>
>>>
>>> If a root account is enabled, and I log in as root, I can go
>>> anywhere
>>> on the computer into 'my' 'root' 'home', into other accounts, etc).
>>> But with no root enabled, there are 'walls'...sudo, or no sudo.
>>>
>>>
>> If I'm not mistaken, root disable, or not, you can still sudo su -
>> and
>> go wherever you want to.
>>
>
> You're mistaken. When you launch Terminal, it normally starts up in
> your
> home directory. Now, if you enter this command:
>
> $sudo cd /private/var/root
>
> enter your admin password, you're not taken there.
>
> If you enter:
>
> sudo open /private/var/root/
>
> then, the Terminal pops up a dialog box with this admonition:
>
> "The folder "root" could not be opened because you do not have
> sufficient
> access privileges."
>
> The only way to execute those commands successfully is to enable
> the root
> user via the NetInfo Manager.app.
I'm not mistaken. If you're on a mac with root not 'enabled', and
you open Terminal.app, Type the following command:
# sudo su -
You're going to be asked for the administrator's password. Not the
root password. Now you're root.
Now you can cd /private/var/root.
I know this, because I just did it.
I think you're mistaken in reading su - as cd -.
;)
_______________________________________________________
Eric F Crist "I am so smart, S.M.R.T!"
Secure Computing Networks -Homer J Simpson
More information about the X-Unix
mailing list