PolicyKit and malware, was: What I HATE about F11
Simo Sorce
ssorce at redhat.com
Thu Jun 18 20:58:41 UTC 2009
On Thu, 2009-06-18 at 20:53 +0100, Matthew Garrett wrote:
> On Thu, Jun 18, 2009 at 07:09:29PM +0100, Richard W.M. Jones wrote:
> > On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
> > > The retained authorization is only valid for the subject that obtained
> > > it, which will typically be a process (identified by process id and
> > > start time) or a canonical bus name. And your malware does not have
> > > either.
> >
> > Can the malware inject code into the process which gained the
> > authentication (eg. using ptrace)?
>
> If you have malware in your session then it's already able to capture
> your password. You've already effectively lost.
Trusted path should prevent the malware from being able to steal your
password, but it will take some time before we have that.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the devel
mailing list