[Pm-utils] some simple patches from fedora

Stefan Seyfried seife at suse.de
Wed Jan 30 07:39:52 PST 2008

On Wed, Jan 30, 2008 at 04:28:41PM +0100, Till Maas wrote:
> On Wed January 30 2008, Victor Lowther wrote:
> > True.  The way to defend against these scenarios is to ensure that all
> > our files and directories are owned by and only writable by root.  If
> > an intruder already has root, pm-utils cannot defend against any
> > actions that user can take.

We can still try to be defensive in our programming.

> If I find the time, I will test whether selinux would prevent pm-utils from 
> cleaning out /etc/passwd when the logfile is a symlink to it. I guess selinux 
> could help here.

The majority of systems out there has selinux turned off.
Stefan Seyfried
R&D Team Mobile Devices            |              "Any ideas, John?"
SUSE LINUX Products GmbH, Nürnberg | "Well, surrounding them's out." 

This footer brought to you by insane German lawmakers:
SUSE Linux Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)

More information about the Pm-utils mailing list