PolicyKit releases and !AWOL

Doug Klima cardoe at gentoo.org
Mon Dec 17 07:00:13 PST 2007


David Zeuthen wrote:
> On Mon, 2007-12-17 at 04:22 +0100, Michael Biebl wrote:
>   
>>> No, but it makes it a lot harder; if you can read the file you can run
>>> strings(1) and ldd(1) on it; that alone is a lot of useful information.
>>>       
>> You can do that just as well with the binary that you extracted from
>> the deb/rpm.
>> So this point is not valid.
>>     
>
> It's valid because the attacker might not know exactly what package to
> get it from (multiple OS releases; per-site patches etc.). It slows the
> would-be attacker down.
>   

To say the attacker might not know where to get the packages from is silly.

Open Google. Type "PolicyKit Debian". Job done. How long did that slow
the attacker down? The 2 second load time of Google?



More information about the hal mailing list