User: Password:
|
|
Subscribe / Log in / New account

Security implications need to be thought through better

Security implications need to be thought through better

Posted Nov 21, 2009 1:34 UTC (Sat) by JoeBuck (subscriber, #2330)
Parent article: Fedora 12 and unprivileged package installation

It seems clear that there isn't anyone on the PolicyKit team who does what Bruce Schneier (among others) regularly urges: you need someone on your team who can think like a black hat. Given a proposed policy decision, what new attack vectors can it open up? Clearly there are SELinux folks who can think this way, but it doesn't seem that there's enough communication going on.


(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds