PolicyKit and malware, was: What I HATE about F11
ssorce at redhat.com
Thu Jun 18 20:58:41 UTC 2009
On Thu, 2009-06-18 at 20:53 +0100, Matthew Garrett wrote:
> On Thu, Jun 18, 2009 at 07:09:29PM +0100, Richard W.M. Jones wrote:
> > On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
> > > The retained authorization is only valid for the subject that obtained
> > > it, which will typically be a process (identified by process id and
> > > start time) or a canonical bus name. And your malware does not have
> > > either.
> > Can the malware inject code into the process which gained the
> > authentication (eg. using ptrace)?
> If you have malware in your session then it's already able to capture
> your password. You've already effectively lost.
Trusted path should prevent the malware from being able to steal your
password, but it will take some time before we have that.
Simo Sorce * Red Hat, Inc * New York
More information about the devel