On Thu, Jun 18, 2009 at 03:02:53PM -0400, Matthias Clasen wrote:
> On Thu, 2009-06-18 at 19:09 +0100, Richard W.M. Jones wrote:
> > On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
> > > The retained authorization is only valid for the subject that obtained
> > > it, which will typically be a process (identified by process id and
> > > start time) or a canonical bus name. And your malware does not have
> > > either.
> >
> > Can the malware inject code into the process which gained the
> > authentication (e.g. using ptrace)?
>
> Once you have malware running in your session, there's probably more
> important stuff to worry about, like all your data in ~/.firefox...

Right, but this is about privilege escalation (malware trying to gain
root). However I agree that it's bad enough if you have any malware
in your session.

I'm only interested BTW. I'm not saying this is a real exploit :-)

> Anyway, further discussion about details of PolicyKit would be much
> better on polkit-devel@xxxxxxxxxxxxxxxxxxxxx

CC'd.

Rich.

--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
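
Added example, not part of the original message and not PolicyKit's own code: a sketch of why a subject is identified by process id and start time together, so that a later process that receives a recycled pid does not inherit the retained authorization. It assumes the Linux `/proc/<pid>/stat` layout; the function names are hypothetical and the two stat lines are constructed samples.

```python
"""Bind a retained authorization to (pid, start time), not to the pid alone."""
import os

# Constructed sample /proc/<pid>/stat lines (not captured from a real system).
# Field 22 is starttime, in clock ticks since boot.
ORIGINAL = ("4242 (gnome-panel) S 1 4242 4242 0 -1 4194304 100 0 0 0 5 3 0 0 "
            "20 0 1 0 81234 1000000 200 18446744073709551615")
# A later process that was handed the same pid; its name contains ") S 1 2"
# to show why whitespace splitting on the raw line is unsafe.
REUSED = ("4242 (fake) S 1 2) R 1 4242 4242 0 -1 4194304 100 0 0 0 5 3 0 0 "
          "20 0 1 0 990001 1000000 200 18446744073709551615")


def parse_stat(stat_line):
    """Return (pid, starttime) from one /proc/<pid>/stat line."""
    # comm (field 2) is parenthesised and may hold spaces or ')', so cut at
    # the last ')' and count the remaining fields from field 3 (state).
    head, sep, tail = stat_line.rpartition(")")
    if not sep or "(" not in head:
        raise ValueError("malformed stat line")
    pid = int(head.split("(", 1)[0])
    fields = tail.split()
    if len(fields) < 20:
        raise ValueError("stat line too short for starttime")
    return pid, int(fields[19])  # field 22 -> index 19 after comm


def current_subject(pid=None):
    """Read the (pid, starttime) identity of a live process (Linux only)."""
    pid = os.getpid() if pid is None else pid
    with open(f"/proc/{pid}/stat") as fh:
        return parse_stat(fh.read())


def authorization_applies(recorded_subject, stat_line):
    """True only if the caller is the same process that was authorized."""
    try:
        return parse_stat(stat_line) == recorded_subject
    except ValueError:
        return False  # unparseable identity: fail closed


if __name__ == "__main__":
    granted_to = parse_stat(ORIGINAL)
    print(authorization_applies(granted_to, ORIGINAL))
    print(authorization_applies(granted_to, REUSED))
```

The check distinguishes one process from another; it does not say anything about what code is running inside the process that obtained the authorization, which is the ptrace question raised in the thread.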