[ale] System security
Jim Kinney
jim.kinney at gmail.com
Sat Feb 12 19:54:43 EST 2022
I'm 99.5% certain that a script or binary owned by a deleted user (user removed from system but user ID number not reassigned so just a bare UID) is not runable by any means other than root assuming not set 755. System applications, like postgresql or nginx, have a user. This situation there is no user, no entry in ldap or passwd, no shell, nothing.
If there's a reference to back this up, my google-fu is apparently weak. Pointers highly welcome.
Sudden departures of persons with sysadmin status and full sudo to root everywhere are a pain.
--
Computers amplify human error
Super computers are really cool
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20220212/44a65550/attachment.htm>
More information about the Ale
mailing list