[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: fonts, autofs and things
> Date: Fri, 11 Jun 1999 17:50:06 -0400 (EDT)
> From: Donovan Rebbechi <firstname.lastname@example.org>
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> Sender: email@example.com
> Reply-To: firstname.lastname@example.org
> X-To-Get-Off-This-List: mail email@example.com, body unsubscribe independence-l
> X-UIDL: 6beabf9673f963c3be2cb960980f691e
> On Fri, 11 Jun 1999, JF Martinez wrote:
> > so I commented it out. If consensus is I was wrong I will keep
> > automounting of floppies.
> Not such a bad idea.
> > By the way I am atonished how unsecure is the autofs default file in
> > RedHat. If you start it (by default it is not and I fixed this) then
> > every rascal can insert a floppy containing setuid programs or dev
> > files and destroy your box in seconds or install a backdoor in your
> > box.
> Your box is at the mercy of anyone with physical access. Several times,
> I've had downtime because some idiot turned my box off, despite that I had
Put an armed guard near your box. :-)
> a note on it saying not to do this.
I know it. I very often ironized about the denial of service attack
consisting in using an axe on a computer. But far worse is the sneaky
attack like planting a program who periodically corrpts your data,
kills a vital daemon, or stops your box. And if you have a pasowrd in
your BIOS, one in LILO, you don't allow booting of a floppy or CD, and
you are the only one knowing the root password then the only way to
plant a program in your box is unsecure mounts or automounts.
> -- Donovan
- From: Donovan Rebbechi <firstname.lastname@example.org>