2009/11/18 nodata <lsof@xxxxxxxxxxxx>: > Am 2009-11-18 20:20, schrieb Richard Hughes: >> >> 2009/11/18 Casey Dahlin<cdahlin@xxxxxxxxxx>: >>> >>> By the admin's first opportunity to change the settings the box could >>> already be rooted. >> >> I'm not sure how you can root a computer from installing signed >> content by a user that already has physical access to the machine. > > You install software with a known buffer overflow before it is fixed and > exploit it. More software = more chances to exploit. Bingo! If a user logged in from a physical local console wanted to exploit their machine, this would be the hard way to do it. Regards, -- McGill University IT Security Konstantin Ryabitsev Montréal, Québec -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
