[Pm-utils] some simple patches from fedora
Till Maas
opensource at till.name
Wed Jan 30 07:11:44 PST 2008
On Wed January 30 2008, Stefan Seyfried wrote:
> If somebody managed to get a symlink where the logfile should be, you are
> fscked. So i think this is less secure.
And what if somebody gets /usr/lib/pm-utils/bin/pm-action to be an arbitrary
binary? Then you are fscked, too. I do not see the point, how changing the
logfile is easier than changing any other component of pm-utils.
Regards,
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080130/307ed5d5/attachment.pgp
More information about the Pm-utils
mailing list