[X-Unix] App launched by my crontab runs as root if Login Window!
Alexandre Gauthier
supernaut at underwares.org
Mon Jun 6 12:03:24 PDT 2005
Eric F Crist wrote:
> ~flipper wrote:
>
>> Brian Medley wrote:
>>
>>> > So, with 'root' disabled. (a misnomer, since root is not enabled in
>>>
>>>> the first place, having no password, no shell default, no console
>>>> access, etc)...
>>>>
>>>> try using sudo to cd your way into /private/var/root
>>>>
>>>> let me know how you do.
>>>
>>>
>>>
>>> cd is a shell builtin. sudo has no way to run this as any user.
>>
>>
>>
>> What's up? Sarcasm detector wasn't working, eh? My point was that
>> with root disabled (in it's standard-shipped Unix default), the
>> presence of 'sudo' is NOT de facto evidence of a root account having
>> been enabled (at any time), as was alluded to in the OP. It's merely
>> an escalation to admin (or a sort of 'super' admin status), in that
>> there are still operations that sudo won't allow.
>>
>> If a root account is enabled, and I log in as root, I can go anywhere
>> on the computer into 'my' 'root' 'home', into other accounts, etc).
>> But with no root enabled, there are 'walls'...sudo, or no sudo.
>>
>> brian s
>> _______________________________________________
>> X-Unix mailing list
>> X-Unix at listserver.themacintoshguy.com
>> http://listserver.themacintoshguy.com/mailman/listinfo/x-unix
>>
>> Listmom is trying to clean out his closets! Vintage Mac and random
>> stuff:
>> http://search.ebay.com/_W0QQsassZmacguy1984
>>
>>
> If I'm not mistaken, root disable, or not, you can still sudo su - and
> go wherever you want to.
>
You are right. I was about to mention -- with sudo you run whatever you
run as root. Nothing stops you from running a login shell as root :) It
is not merely "some sort of escalation" but rather, you just plain run
the command as uid 0. Try touching a file through sudo and tell me to
who it belongs...
--
Alexandre Gauthier
supernaut at underwares.org
underwares.org
Obscure IT knowledge Open Database
The human brain operates at only 10% of its capacity. The rest is
overhead for the operating system.
More information about the X-Unix
mailing list