setperms on linux

Bill Campbell bill at celestial.com
Thu Apr 13 10:40:37 PDT 2006


On Thu, Apr 13, 2006, Kenneth Brody wrote:
>Quoting Bill Campbell (Thu, 13 Apr 2006 10:21:37 -0700):
>[...]
>> I think that SuSE Linux sets nosuid and noexec in /etc/fstab on any file
>> systems that are user montable to prevent this type of abuse.
>[...]
>
>You mean like "I have a Linux box at home, so I'll just make a root
>setuid executable there, put it on a CD, and bring it to work"?

Exactly!

BTW:  One of the strongest arguments for thin clients with *NO* removable
media is to prevent this type of thing, and to prevent employees from
running off with company assets.  One of our clients had a husband and wife
working for them.  When one of them was fired, the other, who worked in
``human resources'', took quite a bit of personnel data home with here from
her Windows machine at work.

Bill
--
INTERNET:   bill at Celestial.COM  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

``If the personal freedoms guaranteed by the Constitution inhibit the
government's ability to govern the people, we should look to limit those
guarantees.''
   -President Bill Clinton, August 12, 1993


More information about the Filepro-list mailing list