Hacker News new | ask | show | jobs
by varajelle 1246 days ago
I was thinking the same. But then I thought about it more and wondered why you need to enter your own password if you're already logged on. If an attacker is already in the system, it can install key logger and whatnot without the root password. And the xn--ts9h program can have the Unix permission so that only the user can run it.
3 comments
account-5 1246 days ago
Insider threat, attacker not in the system, you leave your terminal unlocked and are away. Someone walks passed and tries to install something from you terminal?
link
CJefferson 1245 days ago
While it leads to slightly more chance of traceability, I've seen one line "curl | sh" which install a tool which transmit everything you type, or just your password (when you next type it) off to a remote server, so once you've left a terminal unattended you are in trouble anyway.

This is one place when windows can be much better, as users can't catch ctrl+alt+del, so you can always press that before logging in.

link
xg15 1246 days ago
There is the mental function signalling "hang on, you're about to do something unsafe. Are you sure you want to do this?"

But I think there are some scenarios where it serves a practical security purpose as well:

- You're in an office, went away to grab a coffee and left the screen unlocked (bad!). Without sudo, a malicious person could indeed quickly install a backdoor or keylogger and take over your system.

- you're executing a third-party script on your user account. Without a password prompt, that script could trivially escalate its privileges by embedding sudo commands. With a password prompt, you'll hopefully stop and ask yourself why the script is asking for your password.

Basically, you actually cannot assuming that every running on a user account is really authorised by that user. So asking for the password is an attempt to reaffirm that it's really the user who gave that command.

> If an attacker is already in the system, it can install key logger and whatnot without the root password.

Yes, but that would require the attacker to, well, run sudo...

link
varajelle 1245 days ago
If I'm not mistaken, especially with x11, it is trivial to install a keylogger without root password. Just a process in the background that listen to your keys and send them over the wire. (And you can add that program in the list of program to run while logging in)
link
karatinversion 1246 days ago
You need to enter your password so that software you run can’t give itself root privileges without permission
link