Subject: Re: NetBSD-3.1 was attacked: Bug of SSHD or cyrus-sasl?
To: Geert Hendrickx <ghen@telenet.be>
From: Andy Ruhl <acruhl@gmail.com>
List: netbsd-users
Date: 01/12/2007 16:51:51
On 1/12/07, Geert Hendrickx <ghen@telenet.be> wrote:
> So, you guys have no local users on your systems ... ?>
> Isn't that exactly why many daemons (mail, web, dns, ...) run as non-root;
> if they get cracked, the entire system is not compromised? The concept of
> unprivileged users is the corner stone of the UNIX security model.
I agree, but I'm coming around to the notion that I think everyone
else is trying to get me to understand. If these people are smart
enough to break in, they may be smart enough to get root too, and if
they are really, really smart (or have a good root kit I suppose),
they can do it without being noticed.
I think on a system like NetBSD with even moderate security measures,
this is a highly unlikely possibility. But then again, maybe we don't
even know what doors we are leaving wide open sometimes...
Gotta do whatever you can and hope for the best I suppose.
Andy