8 Dec
2013
8 Dec
'13
8:10 p.m.
Am 08.12.2013 21:05, schrieb Nable 80:
One should notice that without root ( who would give root access to generic employee? except (possibly) on his workstation) you still cannot access other users' cookies (except cases when one have too ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ wide permissions or known vulnerabilitites with privelege escalation), ^^^^^^^^^^^^^^^^ so you cannot grab their X sessions, can you?
And here we are again at "Hey, $FOO doesn't work, I'll just do chmod -R 777 * and see if that makes it work."
Plus, the rogue employee may as well be the admin, and thus have root rights on the machine where you're logged in.
-Stefan