setperms on linux
Bill Campbell
bill at celestial.com
Thu Apr 13 10:40:37 PDT 2006
On Thu, Apr 13, 2006, Kenneth Brody wrote:
>Quoting Bill Campbell (Thu, 13 Apr 2006 10:21:37 -0700):
>[...]
>> I think that SuSE Linux sets nosuid and noexec in /etc/fstab on any file
>> systems that are user montable to prevent this type of abuse.
>[...]
>
>You mean like "I have a Linux box at home, so I'll just make a root
>setuid executable there, put it on a CD, and bring it to work"?
Exactly!
BTW: One of the strongest arguments for thin clients with *NO* removable
media is to prevent this type of thing, and to prevent employees from
running off with company assets. One of our clients had a husband and wife
working for them. When one of them was fired, the other, who worked in
``human resources'', took quite a bit of personnel data home with here from
her Windows machine at work.
Bill
--
INTERNET: bill at Celestial.COM Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
``If the personal freedoms guaranteed by the Constitution inhibit the
government's ability to govern the people, we should look to limit those
guarantees.''
-President Bill Clinton, August 12, 1993
More information about the Filepro-list
mailing list