Magic paths for service registration
fweimer at redhat.com
Wed Jun 12 14:16:44 UTC 2013
On 06/10/2013 10:10 AM, Florian Weimer wrote:
> I'm investigating things beyond SUID/SGID which are related to trust
> transitions and visible in the file system, mainly due to the use of
> magic paths. I'm aiming for a fairly general concept of "trust
> transition", and I include altering browser actions when clicking on a
> hyperlink as far as they are influenced by file type registrations.
> Here's what I came up with so far. I only include things that can
> somehow be hooked by packages, which rules out files such as
> /etc/inittdb and user crontabs.
I should have mentioned that I'm interested in feedback—does this make
sense (as an extension of SUID/SGID auditing), and is this set of paths
Florian Weimer / Red Hat Product Security Team
More information about the devel