Security implications need to be thought through better
Posted Nov 21, 2009 1:34 UTC (Sat) by JoeBuck
Parent article: Fedora 12 and unprivileged package installation
It seems clear that there isn't anyone on the PolicyKit team who does what Bruce Schneier (among others) regularly urges: you need someone on your team who can think like a black hat. Given a proposed policy decision, what new attack vectors can it open up? Clearly there are SELinux folks who can think this way, but it doesn't seem that there's enough communication going on.