Privilege escalation policy: third draft
mclasen at redhat.com
Fri Jan 29 22:22:39 UTC 2010
On Fri, 2010-01-29 at 11:57 -0800, Adam Williamson wrote:
> On Fri, 2010-01-29 at 13:41 -0500, Matthias Clasen wrote:
> > On Thu, 2010-01-28 at 16:32 -0800, Adam Williamson wrote:
> > > Do yell if you think
> > > something urgently needs to be changed before then. Thanks!
> > >
> > Here is something that just came up internally, and that would probably
> > be a worthwhile addition to your list of 'things to watch out for':
> > Access control to devices is nowadays largely controlled by udev rules,
> > and a package installing a bad set of rules can easily make a large
> > chunk of your devices world-readable. 'udev rules' should be on the list
> > of things to review.
> That seems like an implementation-of-policy-compliance-testing issue and
> not something that needs explicitly mentioning in the policy. But indeed
> it's a useful note: changes in udev rules should be something rpmguard
> looks for and something the security testing procedures cover. thanks!
I was thinking of this list:
In practice, packages which provide one or more of:
* setuid binaries
* PolicyKit policies
* consolehelper configurations
are likely to be affected by this policy [...]
I was suggesting to add udev rules to that list. Seems just as much an
implementation detail as consolehelper configuration...
More information about the test