Privilege escalation policy: third draft
Matthias Clasen
mclasen at redhat.com
Fri Jan 29 18:41:39 UTC 2010
On Thu, 2010-01-28 at 16:32 -0800, Adam Williamson wrote:
> Do yell if you think
> something urgently needs to be changed before then. Thanks!
>
Here is something that just came up internally, and that would probably
be a worthwhile addition to your list of 'things to watch out for':
Access control to devices is nowadays largely controlled by udev rules,
and a package installing a bad set of rules can easily make a large
chunk of your devices world-readable. 'udev rules' should be on the list
of things to review.
More information about the test
mailing list