[Pm-utils] some simple patches from fedora

Till Maas opensource at till.name
Wed Jan 30 07:11:44 PST 2008

On Wed January 30 2008, Stefan Seyfried wrote:

> If somebody managed to get a symlink where the logfile should be, you are
> fscked. So i think this is less secure.

And what if somebody gets /usr/lib/pm-utils/bin/pm-action to be an arbitrary 
binary? Then you are fscked, too. I do not see the point, how changing the 
logfile is easier than changing any other component of pm-utils.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080130/307ed5d5/attachment.pgp 

More information about the Pm-utils mailing list