remove polkit from core?
Florian Weimer
fweimer at redhat.com
Tue Nov 13 09:24:07 UTC 2012
On 11/12/2012 08:00 PM, Steve Grubb wrote:
> except that most admins will never be able to do this. The only people that
> get any flexibility are people who manage their own system. Everyone else
> likely has some compliance issues and they have to be verifiably in
> configuration. What will happen is the generic js file will be SHA256 hashed and
> we'll check the file's hash in SCAP and report the system as out of
> configuration.
This isn't completely sufficient—you also have to make sure that there
isn't another Javascript snippet which overrides the operation of the
valid script.
--
Florian Weimer / Red Hat Product Security Team
More information about the devel
mailing list