LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Re: More PATH fallout. Who decided this was a good idea?

[Posted December 10, 2008 by jake]

From:  Seth Vidal <skvidal-AT-fedoraproject.org>
To:  Development discussions related to Fedora <fedora-devel-list-AT-redhat.com>
Subject:  Re: More PATH fallout. Who decided this was a good idea?
Date:  Sat, 6 Dec 2008 01:06:41 -0500 (EST)
Message-ID:  <alpine.LFD.2.00.0812060105030.2777@localhost.localdomain>
Archive-link:  Article, Thread 



On Fri, 5 Dec 2008, Jesse Keating wrote:

> On Fri, 2008-12-05 at 20:29 -0500, Steve Grubb wrote:
>> These are required to be this way for our Common Criteria evaluations.
>
> Is the thought here that if the code can be executed by a non-root user,
> the audit of the code would have to be far more strict?  If you keep the
> user from being able to execute, you don't have to worry as much about
> how they might exploit it?

And do we seriously think we can keep the code away from a non-root user 
by chmodd'ing the binaries? A user can get a binary for anything 
fedora can install in about 30s w/firefox.

-sv



-- 
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds