Questions tagged [root]
76 questions
0
votes
3 answers
Does sudo ever de-escalate privilege while the program/command/service is running?
For Example
Is it safer to do:
$ sudo [cmd] [args] [enter user password]
or
$ su - [enter root password]
# [cmd] [args]
I always assumed they are the exact same thing, because sudo utilizes setuid-root, so the process that is run as sudo's…
![](../../users/profiles/168744.webp)
0x5929
- 335
- 4
- 13
0
votes
0 answers
Sufficient to only require 2FA for su elevation?
I have a small web-facing server on my home network. It is headless, and the only way to log in is to ssh with pubkey authentication from within the local network.
I wanted to turn on a 2FA authentication PAM module for anybody attempting to log in…
0
votes
0 answers
Government Root CA installed on computer/browser and Man-In-The-Middle
Some countries already have their government Root CA installed on computer/browsers. Is it possible for these countries to read Google etc. mails by using Man-In-The-Middle or similar technique(s)?
![](../../users/profiles/210039.webp)
Kua
- 1
0
votes
1 answer
Employer Self Signed Root Certificate
I don't have knowledge into programming/cybersecurity so I stumbled upon this site and figured I'd ask a quick question. I worked for about 3 years at company and left as of last week. I don't know how I remembered this, but I recall installing a…
0
votes
2 answers
Is the root certificate issued from one Certificate Authority is same for all the requesting organisation?
Let me please explain the question a bit more through an example:
There are lots of companies who have their certificates signed by Verisign (or any CA). I understand that Verisign signs these certs with its Private Key (same key for all…
![](../../users/profiles/63614.webp)
Dexter
- 215
- 1
- 2
- 8
0
votes
1 answer
Why do some root and intermediate certificate authorities have "G2" or "G3" in the name?
I have noticed that some root and intermediate CAs have things like "G2" or "G3" in the name.
For example, take the certificate for amazon.com. The intermediate CA is DigiCert Global CA G2, and the root CA is DigiCert Global Root G2.
I understand…
![](../../users/profiles/177294.webp)
allan
- 9
- 2
0
votes
1 answer
Possible Security threats and mitigations while accessing `/root` through any browser?
I asked this question on Unix Stackexchange. How to access /root directory from a browser?
I got an answer (in a comment by @dsstorefile) that It can be accessed either way :
By running chmod 0777 root
By running browser as a Root User.
I think…
![](../../users/profiles/164312.webp)
C0deDaedalus
- 728
- 1
- 8
- 17
0
votes
2 answers
Prevent program from switching to user without password
I created a user with useradd without specifying a password. When I try to
sudo -u theuser echo hi
I am being prompted for my admin password (unless specified otherwise in the sudoers file, of course).
su -c "echo hi" -s /bin/sh theuser
asks for…
![](../../users/profiles/171614.webp)
phil294
- 1,032
- 2
- 6
- 11
0
votes
1 answer
What could be done with web shell on unrooted android device?
Is it possible to control unrooted android device through a web shell?
I've been trying to execute various php shells but the whole response is error statements like this
php is installed and all other php pages works fine
The tested php shells…
user168532
0
votes
1 answer
What the risks of rooting your Android?
Besides your warranty getting voided, what potential security risks are there with rooting your Android?
![](../../users/profiles/164488.webp)
ssharma
- 71
- 5
0
votes
3 answers
Root access without password
I know it's strongly advised against enabling root access on server but as cracking SSH keys is almost impossible can I enable root access just by using ssh keys and be safe?
My OS is Ubuntu 16.04.
I guess universe has its own jokes but the funniest…
![](../../users/profiles/93170.webp)
Amin Vakil
- 3
- 3
0
votes
1 answer
Possible ways for hackers to alter kernel behaviour without root
I'm wondering is it possible to harm kernel (by injecting shared library, loadable module or something like that) without root. If yes, how hackers can achieve it?
![](../../users/profiles/126164.webp)
Bartosz Królak
- 115
- 1
- 6
-1
votes
3 answers
What prevents Windows from being as secure as Linux?
According to wikipedia, Linux's security compared to Windows is generally due to "the malware's lack of root access."
Why doesn't Windows just fix this?
![](../../users/profiles/278963.webp)
atolnay
- 7
- 2
-1
votes
1 answer
MAC OS full admin rights and software removal in a corp environment
We have MAC OS for our developers (running with root). We also deploy an DLP endpoint agent. Now what happens, in some cases they just sudo and uninstall the agent because it slows down the machine. What options do we have to prevent them doing that…
![](../../users/profiles/96659.webp)
cyzczy
- 1,518
- 5
- 21
- 34
-1
votes
2 answers
Is it dangerous to turn on internet connection under su -c?
If someone would turn on internet connection using command su -c "/sbin/ifup ppp1" would it put system at risk (how bad) ?
![](../../users/profiles/88482.webp)
R S
- 225
- 2
- 7