PolicyKit releases and !AWOL
Doug Klima
cardoe at gentoo.org
Mon Dec 17 07:00:13 PST 2007
David Zeuthen wrote:
> On Mon, 2007-12-17 at 04:22 +0100, Michael Biebl wrote:
>
>>> No, but it makes it a lot harder; if you can read the file you can run
>>> strings(1) and ldd(1) on it; that alone is a lot of useful information.
>>>
>> You can do that just as well with the binary that you extracted from
>> the deb/rpm.
>> So this point is not valid.
>>
>
> It's valid because the attacker might not know exactly what package to
> get it from (multiple OS releases; per-site patches etc.). It slows the
> would-be attacker down.
>
To say the attacker might not know where to get the packages from is silly.
Open Google. Type "PolicyKit Debian". Job done. How long did that slow
the attacker down? The 2 second load time of Google?
More information about the hal
mailing list