Next privilege escalation policy draft
Adam Williamson
awilliam at redhat.com
Tue Feb 2 19:07:17 UTC 2010
On Tue, 2010-02-02 at 11:33 +0100, Tomas Mraz wrote:
> > again, comments are welcome! This is probably going to FESco next week,
> > not tomorrow, apparently they have a heavy schedule tomorrow.
> >
> > https://fedoraproject.org/wiki/User:Adamwill/Draft_Fedora_privilege_escalation_policy
>
> What about all networking setup changes? Especially establishing a VPN
> connection can be used to tunnel all traffic through a rogue VPN server
> thus enabling attacker to monitor all the network traffic. The same
> holds for enabling WLAN interfaces if they are currently disabled.
Right, good point, and it's not covered specifically under any existing
point because you could do all of that without editing a config file or
directly manipulating network traffic, if someone stuffed up the
permissions model of ifconfig or NetworkManager.
Will add. Thanks.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the devel
mailing list