[TYPO3-core] RFC #9474: Integrate OpenID authentication support to TYPO3
Martin Kutschker
masi-no at spam-typo3.org
Mon Oct 6 08:42:08 CEST 2008
Dmitry Dulepov schrieb:
> Hi!
>
> Martin Kutschker wrote:
>> But someone could also delete the real /dev/urandom and create a fake
>> one on Unix.
>
> Only root. /dev is r-xr-xr-x, which is read–only to anyone, creating
> anything there is possibly only to root.
Anyone clever enough trying to circumvent an authentication scheme by
creating fake random devices will be able to gain root access anyway ;)
Masi
More information about the TYPO3-team-core
mailing list