[Pm-utils] some simple patches from fedora
Till Maas
opensource at till.name
Wed Jan 30 07:28:41 PST 2008
On Wed January 30 2008, Victor Lowther wrote:
> True. The way to defend against these scenarios is to ensure that all
> our files and directories are owned by and only writable by root. If
> an intruder already has root, pm-utils cannot defend against any
> actions that user can take.
If I find the time, I will test whether selinux would prevent pm-utils from
cleaning out /etc/passwd when the logfile is a symlink to it. I guess selinux
could help here.
Regards,
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080130/7058dc64/attachment.pgp
More information about the Pm-utils
mailing list