On Wed, 2007-10-10 at 10:37 -0400, Robin Norwood wrote: > In the /etc case, if an attacker has managed to write to /etc, the > user If the user has installed a random rpm, then we've already lost all security on the box. Richard.