• 0 Posts
  • 40 Comments
Joined 2 years ago
cake
Cake day: June 9th, 2023

help-circle





  • The scenario OC stated is that if the attacker has access to the user on the server then the attacker would still need the sudo password in order to get root privileges, contrary to direct root login where the attack has direct access to root privileges.

    So, now i am looking into this scenario where the attack is on the server with the user privileges: the attacker now modifies for example the bashrc to alias sudo to extract the password once the user runs sudo.

    So the sudo password does not have any meaningful protection, other then maybe adding a time variable which is when the user accesses the server and runs sudo








  • ShortN0te@lemmy.mltoLinux@lemmy.mlLooking for YouTube Tutorials on Arch
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    edit-2
    28 days ago

    Either you are heavily misinformed about how difficult arch is, or you lack any confidence intervals in your ‘Linux skill’.

    Choose the system you want to achieve, follow the wiki and choose the software you want to use using it and you are good to go, it really is not that hard. You can always use archinstall.