Subject: Re: CVS commit: basesrc/bin/ksh
To: None <firstname.lastname@example.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 09/27/2002 08:17:43
>>> there already is user with uid=0 and /bin/sh as a login shell.
>> That's a security hole and a proverbial PITA.
> toor has a, "don't use me," password. So how is a security *hole*.
Because not all ways of getting a user to run something require a
password. Waving them all away with "but you have to have root access
first" ignores the reality that quite often, a bug may permit, say,
creating a new crontab file but nothing else. Having toor around makes
it that much easier to leverage such restricted bugs into full access.
*That* is the sense in which it's a security hole. Whether that's a
large enough one to justify removing it is, of course, another
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML email@example.com
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B