More PATH fallout. Who decided this was a good idea?
jkeating at redhat.com
Sat Dec 6 17:59:33 UTC 2008
On Sat, 2008-12-06 at 12:52 -0500, Steve Grubb wrote:
> Because if they didn't type --help, we are going to have to log the attempted
> compromise. Sending an audit event requires CAP_AUDIT_WRITE. You have to be
> setuid root from the beginning or not at all.
Er, so you have to be root, in order to be audited? Doesn't that sound
rather um... bad planning? Doesn't that mean a non-root user can bang
on a binary all day long and never get audited?
Fedora -- Freedom² is a feature!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20081206/17284c4c/attachment.bin
More information about the devel