when last we saw our hero (Sunday, May 18, 2003), 
 Matthew S. Hallacy was madly tapping out:
> On Thu, May 15, 2003 at 02:06:29PM -0500, Daniel Taylor wrote:
> > On Thu, 15 May 2003, steve ulrich wrote:
> 
> > Right. It stops script kiddies. It stops self-recompiling worms.
> > It leaves attacks directed at your hardware/software combination
> > and attacks directed at you by pros.
> 
> How does this stop script kiddies? They've already rooted you, game
> over.
> 
> Just because they can't get their rootkit to compile doesn't mean
> they won't get frustrated and just rm -rf /

some exploits don't become full-on rootings until a rootkit can be
assembled.  a host may be compromised enough to enable the party to
place the rootkit on the host and have mortal execution privileges,
without necessarily having root.   

in the above you seem to be stating that compromise == compromise of
root. which i would say, is not necessarily true.  

-- 
steve ulrich                       sulrich at botwerks.org
PGP: 8D0B 0EE9 E700 A6CF ABA7  AE5F 4FD4 07C9 133B FAFC

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list