On Thu, August 27, 2009 4:23 pm, Aryeh Gregor wrote:
But you're not going to get root access using
shutdown or kill or
/etc/init.d/apache.
I would not be too certain about that. For example, buffer overflows are
generally only a security problem when they happen in suid-root programs -
this is why programs designed to be suid root have thorough checks on such
problems. Software designed to be used by root does not always have the
same thoroughness of checks - and running such software via sudo could
expose these errors as security problems.
-Merlijn