Magic paths for service registration

[Florian Weimer]

On 06/10/2013 10:10 AM, Florian Weimer wrote:
> I'm investigating things beyond SUID/SGID which are related to trust
> transitions and visible in the file system, mainly due to the use of
> magic paths.  I'm aiming for a fairly general concept of "trust
> transition", and I include altering browser actions when clicking on a
> hyperlink as far as they are influenced by file type registrations.
>
> Here's what I came up with so far.  I only include things that can
> somehow be hooked by packages, which rules out files such as
> /etc/inittdb and user crontabs.

I should have mentioned that I'm interested in feedback—does this make 
sense (as an extension of SUID/SGID auditing), and is this set of paths 
reasonably complete?

-- 
Florian Weimer / Red Hat Product Security Team