RPM security (a newbie question)
Todd Zullinger
tmz at pobox.com
Thu Apr 2 13:39:04 UTC 2009
"Stanisław T. Findeisen" wrote:
> SELinux will not help you more if it gets overwritten/rootkited by
> malicious RPM package (for instance during the install process).
But then we're back to the question of how such a malicious rpm would
get onto your system. Someone doing such a thing in %post would get
noticed pretty quickly. If someone packaged up files that overwrote
files provided by the selinux packages, rpm would complain about those
because they would conflict. So that avenue is a bit tricky. It's
not entirely impossible, but it's not really easy either.
I don't think this list is the place to engage in endless discussions
on striving for ultimate security (a state that does not exist,
anywhere).
A much better use of time would be in auditing the software that you
can and in finding ways to help improve the process to plug the
limited number of potential entry points for malicious code to be
installed.
(The quote in my sig is entirely random. Though I sometimes wonder if
fortune isn't just a bit eerie in its choices. :)
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A paranoid is someone who knows a little of what's going on.
-- William S. Burroughs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20090402/00c48989/attachment-0001.bin
More information about the users
mailing list