From: "Sina Bahram" <sbahram@nc.rr.com>
To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca>
Subject: RE: /etc/suauth
Date: Sun, 18 Dec 2005 14:01:30 -0500
Message-ID: <000001c60405$75aeb7d0$6701a8c0@quark>
In-Reply-To: <Pine.BSF.4.64.0512171551520.37607@server2.shellworld.net>

So you have increased the chances from 1 out of 99, to 2 out of 99 ...
Actually you have doubled their chances ...

But, regardless of that, I have a question. You said it's harder to find the
password to a user account than to root. Please explain.

Take care,
Sina

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Jude DaShiell
Sent: Saturday, December 17, 2005 4:00 PM
To: speakup@braille.uwo.ca
Subject: re: /etc/suauth
The analysis is flawed. A machine with 99 user accounts on it and a root
account with only one line in /etc/suauth with one user account on it
presents a hacker with 98 decoys and one hackable account. The hacker has
to go to the trouble of stealing a user account password not a root account
password and that is more difficult to do. It never was only the
possibility of irreversible system damage that was the only reason not to
run as root on the internet with the security specialists in the first
place. Now if on a 99 user account machine you insist on having 99 lines in
/etc/suauth, then a hacker would have 99 possible targets and would be more
likely to break into a machine.
_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup