Page 2 of 2
Results 11 to 12 of 12

Thread: How much damage can a compromised user account cause?

  1. #11
    Join Date
    Dec 2011
    Location
    Manchester, UK
    Beans
    356
    Distro
    Ubuntu

    Re: How much damage can a compromised user account cause?

    Quote Originally Posted by bodhi.zazen View Post
    That sort of makes limited sense if the compromise is due to a compromised password.

    By definition, an admin account has root access, so your method in no way prevents an admin (someone with root access) from accessing another admin's account or system files.

    Usually a compromise is not a password, it is "arbitrary code" or shell access.

    See the reports here - http://www.ubuntu.com/usn

    So, now our intruder has shell access. They can do tons of damage already, without privilege escalation.

    They can then, if they so desire, try to leverage privilege escalation. They need a password, either the login (sudo), root (su), or with your method root (target_pw). So, either way, they are one password away from root access. As with shell access, many exploits (code injection) do not require determining the password. The ones that do gain the password work with all 3 (sudo, su, or target_pw).

    Your problem is that you are assuming that the only exploit or method of privilege escalation is via password compromise, and, sadly, that is simply not the case.

    Ah, the last line cleared it up, thanks.

  2. #12
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: How much damage can a compromised user account cause?

    Quote Originally Posted by 0011235813 View Post
    Ah, the last line cleared it up, thanks.
    You are most welcome.
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta
