Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'OS 9 boot CD' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
OS 9 boot CD
Authored by: Anonymous on Dec 03, '02 12:42:58AM
Umm... wrong.

There is a huge difference between booting from a CD and modifying your user environment such that any application can execute code with superuser privileges. In the first case, it takes a long time to boot from a CD and screw with the machine.

In the latter-- in the case of opening up sudo to allow any command without a password-- you are opening up your environment such that any app can do whatever the hell it wants without requiring a password. This means that a simple applescript could 'do shell script "sudo bad thing" and you wouldn't even see a mysterious Password: prompt in a terminal window-- enough to arouse suspicion.

You are absolutely correct that it is basically impossible to secure a machine to which an attacker has physical access, but that doesn't mean you should just give up hope, throw away all locks&keys, and open every door/gateway/window to the kingdom.

[ Reply to This | # ]