Highest Voted 'root' Questions - IT Security Stack Exchange

0

votes

3 answers

Does sudo ever de-escalate privilege while the program/command/service is running?

For Example Is it safer to do: $ sudo [cmd] [args] [enter user password] or $ su - [enter root password] # [cmd] [args] I always assumed they are the exact same thing, because sudo utilizes setuid-root, so the process that is run as sudo's…

privilege-escalation sudo root

asked Apr 11 '20 at 09:08

0x5929

335
4
13

0

votes

0 answers

Sufficient to only require 2FA for su elevation?

I have a small web-facing server on my home network. It is headless, and the only way to log in is to ssh with pubkey authentication from within the local network. I wanted to turn on a 2FA authentication PAM module for anybody attempting to log in…

linux multi-factor openssh root

asked Jun 27 '19 at 09:35

user3734989

1

0

votes

0 answers

Government Root CA installed on computer/browser and Man-In-The-Middle

Some countries already have their government Root CA installed on computer/browsers. Is it possible for these countries to read Google etc. mails by using Man-In-The-Middle or similar technique(s)?

man-in-the-middle certificate-authority root

asked Jun 12 '19 at 12:39

Kua

1

0

votes

1 answer

Employer Self Signed Root Certificate

I don't have knowledge into programming/cybersecurity so I stumbled upon this site and figured I'd ask a quick question. I worked for about 3 years at company and left as of last week. I don't know how I remembered this, but I recall installing a…

certificates privacy root

asked Apr 28 '19 at 19:15

crazytoaster

1

0

votes

2 answers

Is the root certificate issued from one Certificate Authority is same for all the requesting organisation?

Let me please explain the question a bit more through an example: There are lots of companies who have their certificates signed by Verisign (or any CA). I understand that Verisign signs these certs with its Private Key (same key for all…

tls certificates public-key-infrastructure certificate-authority root

asked Jan 27 '19 at 14:09

Dexter

215
1
2
8

0

votes

1 answer

Why do some root and intermediate certificate authorities have "G2" or "G3" in the name?

I have noticed that some root and intermediate CAs have things like "G2" or "G3" in the name. For example, take the certificate for amazon.com. The intermediate CA is DigiCert Global CA G2, and the root CA is DigiCert Global Root G2. I understand…

tls certificate-authority root

asked May 03 '18 at 14:47

allan

9
2

0

votes

1 answer

Possible Security threats and mitigations while accessing `/root` through any browser?

I asked this question on Unix Stackexchange. How to access /root directory from a browser? I got an answer (in a comment by @dsstorefile) that It can be accessed either way : By running chmod 0777 root By running browser as a Root User. I think…

web-browser root

asked Apr 29 '18 at 10:25

C0deDaedalus

728
1
8
17

0

votes

2 answers

Prevent program from switching to user without password

I created a user with useradd without specifying a password. When I try to sudo -u theuser echo hi I am being prompted for my admin password (unless specified otherwise in the sudoers file, of course). su -c "echo hi" -s /bin/sh theuser asks for…

permissions sudo root

asked Mar 02 '18 at 20:39

phil294

1,032
2
6
11

0

votes

1 answer

What could be done with web shell on unrooted android device?

Is it possible to control unrooted android device through a web shell? I've been trying to execute various php shells but the whole response is error statements like this php is installed and all other php pages works fine The tested php shells…

php android root

asked Feb 18 '18 at 17:01

user168532

0

votes

1 answer

What the risks of rooting your Android?

Besides your warranty getting voided, what potential security risks are there with rooting your Android?

android root

asked Nov 27 '17 at 01:00

ssharma

71
5

0

votes

3 answers

Root access without password

I know it's strongly advised against enabling root access on server but as cracking SSH keys is almost impossible can I enable root access just by using ssh keys and be safe? My OS is Ubuntu 16.04. I guess universe has its own jokes but the funniest…

ssh ubuntu root

asked Sep 22 '17 at 09:35

Amin Vakil

3
3

0

votes

1 answer

Possible ways for hackers to alter kernel behaviour without root

I'm wondering is it possible to harm kernel (by injecting shared library, loadable module or something like that) without root. If yes, how hackers can achieve it?

rootkits kernel root

asked Feb 23 '17 at 18:38

Bartosz Królak

115
1
6

-1

votes

3 answers

What prevents Windows from being as secure as Linux?

According to wikipedia, Linux's security compared to Windows is generally due to "the malware's lack of root access." Why doesn't Windows just fix this?

malware privilege-escalation root

asked Jun 03 '22 at 23:56

atolnay

7
2

-1

votes

1 answer

MAC OS full admin rights and software removal in a corp environment

We have MAC OS for our developers (running with root). We also deploy an DLP endpoint agent. Now what happens, in some cases they just sudo and uninstall the agent because it slows down the machine. What options do we have to prevent them doing that…

root dlp

asked Aug 08 '19 at 05:58

cyzczy

1,518
5
21
34

-1

votes

2 answers

Is it dangerous to turn on internet connection under su -c?

If someone would turn on internet connection using command su -c "/sbin/ifup ppp1" would it put system at risk (how bad) ?

linux internet sudo root

asked Jun 08 '18 at 11:03

R S

225
2
7

Questions tagged [root]