Initial draft of privilege escalation policy
Stephen John Smoogen
smooge at gmail.com
Tue Jan 26 06:12:24 UTC 2010
On Mon, Jan 25, 2010 at 10:55 PM, Adam Williamson <awilliam at redhat.com> wrote:
> On Sat, 2010-01-23 at 20:54 -0500, Christopher Beland wrote:
>> * Accessing a webcam or microphone remotely and unexpectedly viewing
>> or
>> listening to a local user.
>
> This seems quite tricky to formulate to me; I can certainly see all
> sorts of legitimate scenarios for remote access to such devices which
> you wouldn't want to do as root. I'm not sure if we can really include
> this as-is.
Yes.. but I can't see many that would be allowed by default. The issue
in writing a policy is looking at what is set by default. Yes you can
set up ways and have business reasons for doing so.. but I can't come
up with one where by default someone can come into a computer and turn
on the camera... In all cases, its where someone has made a decision
that this is how things should be and should change the settings to do
so.
There are quite a few videos of hackers breaking into systems and
turning on cameras and videos for their 'pleasure'. Also cases of
blackmail where some kid has been asked for more compromising
pictures.
--
Stephen J Smoogen.
Ah, but a man's reach should exceed his grasp. Or what's a heaven for?
-- Robert Browning
More information about the test
mailing list