I talked to the developer by e-mail. It does work, but does not follow symlinks so for example, to whitelist nano for use in a sudo session you have to whitelist it as /bin/nano not as /usr/bin/nano ------Original Message------ From: Marc Deslauriers Sender: [email protected] To: Rod MacPherson ReplyTo: Bug 723468 Subject: [Bug 723468] Re: whitelist does not work in Ninja PrivilegeEscalation Detection System Sent: Mar 8, 2011 9:25 AM
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Visibility changed to: Public ** This bug is no longer flagged as a security vulnerability -- You received this bug notification because you are a direct subscriber of the bug. https://bugs.launchpad.net/bugs/723468 Title: whitelist does not work in Ninja Privilege Escalation Detection System To unsubscribe from this bug, go to: https://bugs.launchpad.net/ubuntu/+source/ninja/+bug/723468/+subscribe Sent wirelessly from my BlackBerry device on the Bell network. Envoyé sans fil par mon terminal mobile BlackBerry sur le réseau de Bell. -- You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. https://bugs.launchpad.net/bugs/723468 Title: whitelist does not work in Ninja Privilege Escalation Detection System -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
