[X-Unix] App launched by my crontab runs as root if Login Window!

[Alexandre Gauthier]

John Baltutis wrote:

>On 06/06/05, Eric F Crist <ecrist at secure-computing.net> wrote:
>  
>
>>~flipper wrote:
>>    
>>
>>>If a root account is enabled, and I log in as root, I can go anywhere
>>>on the computer into 'my' 'root' 'home', into other accounts, etc).
>>>But with no root enabled, there are 'walls'...sudo, or no sudo.
>>>
>>>      
>>>
>>If I'm not mistaken, root disable, or not, you can still sudo su - and
>>go wherever you want to.
>>    
>>
>
>You're mistaken. When you launch Terminal, it normally starts up in your
>home directory. Now, if you enter this command:
>
>$sudo cd /private/var/root
>
>enter your admin password, you're not taken there.
>
>If you enter:
>
>sudo open /private/var/root/
>
>then, the Terminal pops up a dialog box with this admonition:
>
>"The folder "root" could not be opened because you do not have sufficient
>access privileges."
>
>The only way to execute those commands successfully is to enable the root
>user via the NetInfo Manager.app.
>  
>

No he is not.

Let me break it to you this way.

$ sudo su -
password:
# echo "Hello ladies."


Basically, you have just spawned a login shell as root through sudo...
if you were anal enough you could also do this:

$ sudo bash
password:
#

There, you just ran bash as root. Hence you have a root shell.
What is so hard to grasp in this concept? Sudo runs something as root,
as simple as that...

-- 
Alexandre Gauthier
supernaut at underwares.org

underwares.org
Obscure IT knowledge Open Database

The human brain operates at only 10% of its capacity. The rest is overhead for
the operating system.