Re: Next privilege escalation policy draft

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2010-02-04 at 15:39 -0800, Adam Williamson wrote:
> On Thu, 2010-02-04 at 15:14 -0500, Adam Jackson wrote:
> > - Declaring "Read from system logs containing any information about user
> > activities" to be a privileged action, means that who(1) and last(1)
> > break, since utmp and wtmp are typically - intentionally - world
> > readable.  /var/log/ConsoleKit/history similarly.  I think this entire
> > rule is mostly subsumed under the "directly access or modify a file they
> > would usually be denied rights to" clause, though we'd probably also
> > want to define what kinds of log information are sensitive and what
> > aren't in that case, and enforce world-readability to match.
> 
> I don't understand much about utmp and wtmp, but if appropriate they
> could be specifically excepted from the policy. Ditto the ConsoleKit
> history. What's the rationale for these being world-readable?

Unix used to be a multiuser OS, apparently. ;)

- ajax

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux