On Wed, Jan 30, 2008 at 04:28:41PM +0100, Till Maas wrote: > On Wed January 30 2008, Victor Lowther wrote: > > > True. The way to defend against these scenarios is to ensure that all > > our files and directories are owned by and only writable by root. If > > an intruder already has root, pm-utils cannot defend against any > > actions that user can take.
We can still try to be defensive in our programming. > If I find the time, I will test whether selinux would prevent pm-utils from > cleaning out /etc/passwd when the logfile is a symlink to it. I guess selinux > could help here. The majority of systems out there has selinux turned off. -- Stefan Seyfried R&D Team Mobile Devices | "Any ideas, John?" SUSE LINUX Products GmbH, Nürnberg | "Well, surrounding them's out." This footer brought to you by insane German lawmakers: SUSE Linux Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg) _______________________________________________ Pm-utils mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/pm-utils
