Methods of compromise

• remote root compromise via a vulnerability
• remote root compromise via trust configuration
  • /etc/hosts.equiv, /etc/shosts.equiv
  • /.rhosts, /.shosts
  • /.ssh/authorized_keys
  • NFS sharing with mapping to uid 0
• compromise of user account, then local root exploit
  • password sniffed over the network
  • password found via a keystroke grabber elsewhere
  • password found via TEMPEST vulnerabilities
  • computations based on an encrypted password
  • password obtained via non-technical means
  • vulnerability in code run under that user account
  • trust configuration affecting user account access