Local access
Password cracking: We cannot decrypt a password, we use a dictionary, or other type of algorithm to generate passwords, encrypt them using the crypt function, DES, etc, and compare with hash in the passwd file. Crack 5 and John the Ripper are two of “the best of the breed.”
Local buffer overflow: same problems and countermeasures.
Symlinks: ln -s /this /that, when you cat this you see that. Signals in UNIX: you re-start, start, stop daemons sending signals: SIGXXX.
Core dump: memory (core) dumps are snapshots of the memory when an error occurs. Delete it or it stays. ulimit set to 0 cancel core dumps.
Shared libraries: replace a standard library file with a rogue one, granting privileges to the intruder, when used.
Kernel problems: upgrades to the kernel may create security flaws, which will be found, patched, etc. Linux particularly vulnerable (growing).
File and directory permissions: SUID files -- a necessary evil. Some applications need to run as root and be used by regular users (solution: SUID). The find command list these files, and there are many of them. World writable files are another problem.
