Re: PolicyKit and malware, was: What I HATE about F11

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jun 18, 2009 at 07:09:29PM +0100, Richard W.M. Jones wrote:
> On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
> > The retained authorization is only valid for the subject that obtained
> > it, which will typically be a process (identified by process id and
> > start time) or a canonical bus name. And your malware does not have
> > either.
> 
> Can the malware inject code into the process which gained the
> authentication (eg. using ptrace)?

If you have malware in your session then it's already able to capture 
your password. You've already effectively lost.

-- 
Matthew Garrett | mjg59@xxxxxxxxxxxxx

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux