Re: Adding ~/.local/bin to default PATH

On 07/27/2011 03:14 PM, Bernd Stramm wrote:
> On Wed, 27 Jul 2011 15:54:09 +0200
> Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote:
>> If you don't hide ~/.local and ~/.config then users who are less savvy
>> than us might wonder what that stuff is and delete it and nothing
>> will stop them and then all their configuration is lost.
> 
> Hiding configuration is one thing, hiding executables is another. Hiding
> executables is a security risk, and should not be done just because 
> a single person asked for it in a BZ.

There are already quite a few things that may place executables under . prefixed
paths in home. Java web start (javaws) for instance will install an entire jre
under .java/deployment/cache, wine has for many years installed Windows
executables (that can be executed by the system) under .wine, browser plugins
may be installed to .mozilla/plugins and are just as capable of performing
"evil" actions as an executable (e.g. drop a malicious plugin that hijacks some
common MIME types, do your $evil and then wrap the intended plugin).

There are various other examples - on an older release I find 171 such files
under ~/:

$ find $(l. | egrep -v '\.$|\.\.$') -type f -perm /111 | wc -l
171

Some of these aren't actually binaries/scripts - e.g. .desktop files and others
just appear to have "wrong" mode on creation but it's still clear that this is
nothing new.

I think the security aspects of this change are being overstated in this thread.

If something has already obtained the ability to create executable files under a
user's home directory then "your men are already dead"; the sophistication
needed to exploit it might vary a little but that's not something that gives me
great comfort.

Regards,
Bryn.
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
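Added example (not from the post above or from Fedora): the count in the post relies on the Fedora `l.` alias, so this is a stand-alone script that does the same enumeration of execute-bit files under dot-prefixed directories in a home and, as the post notes for .desktop files, classifies each hit by content (.desktop entry, ELF header, shebang script, other) rather than by mode alone. It assumes GNU find (`-perm /111`) and `head -c`, and the sample home tree it builds under mktemp is constructed for illustration.

```shell
#!/bin/sh
# Added example: enumerate files with any execute bit set under dot-prefixed
# directories of a home and classify them by content.  Assumes GNU find
# (-perm /111) and head -c; does not depend on the Fedora `l.` alias.

# classify_executable FILE -> prints one of: desktop, elf, script, other
classify_executable() {
    case "$1" in
        *.desktop) echo desktop; return 0 ;;
    esac
    magic=$(head -c 4 "$1" 2>/dev/null)
    if [ "$magic" = "$(printf '\177ELF')" ]; then
        echo elf
    elif [ "$(printf '%s' "$magic" | head -c 2)" = '#!' ]; then
        echo script
    else
        echo other
    fi
}

# hidden_executables HOME_DIR -> one "class<TAB>path" line per executable
# file below HOME_DIR/.* (the . and .. entries themselves are skipped)
hidden_executables() {
    home=$1
    for d in "$home"/.[!.]* "$home"/..?*; do
        [ -e "$d" ] || continue          # an unmatched glob stays literal
        find "$d" -type f -perm /111 2>/dev/null
    done | LC_ALL=C sort | while IFS= read -r f; do
        printf '%s\t%s\n' "$(classify_executable "$f")" "$f"
    done
}

# count_hidden_executables HOME_DIR -> total number of such files
count_hidden_executables() {
    hidden_executables "$1" | wc -l | tr -d ' '
}

# count_hidden_by_class HOME_DIR CLASS -> number of hits in one class
count_hidden_by_class() {
    hidden_executables "$1" | awk -F '\t' -v c="$2" '$1 == c' | wc -l | tr -d ' '
}

# make_sample_home -> builds a constructed home tree in a temp dir, prints
# its path.  Mirrors the kinds of entries the post mentions (.local/bin,
# .wine, .java/deployment/cache, an autostart .desktop with exec bit set).
make_sample_home() {
    h=$(mktemp -d)
    mkdir -p "$h/.local/bin" "$h/.wine/drive_c" "$h/.config/autostart" \
             "$h/.java/deployment/cache/bin" "$h/.cache" "$h/bin"
    printf '#!/bin/sh\necho hi\n' > "$h/.local/bin/tool"
    printf 'MZ fake windows binary\n' > "$h/.wine/drive_c/prog.exe"
    printf '[Desktop Entry]\nName=app\n' > "$h/.config/autostart/app.desktop"
    printf '\177ELF fake elf header\n' > "$h/.java/deployment/cache/bin/java"
    printf 'no exec bit\n' > "$h/.cache/data"          # not executable
    printf '#!/bin/sh\n' > "$h/bin/visible"            # not under a dot dir
    chmod 755 "$h/.local/bin/tool" "$h/.wine/drive_c/prog.exe" \
              "$h/.config/autostart/app.desktop" \
              "$h/.java/deployment/cache/bin/java" "$h/bin/visible"
    echo "$h"
}

# Run with --demo to list the sample tree; run against a real home with
# hidden_executables "$HOME" after sourcing the file.
if [ "${1:-}" = "--demo" ]; then
    sample=$(make_sample_home)
    hidden_executables "$sample"
    echo "total: $(count_hidden_executables "$sample")"
    rm -rf "$sample"
fi
```

On the constructed tree the script reports four hits (one script, one ELF, one .desktop, one "other" for the Windows binary) and ignores both the non-executable cache file and the executable outside any dot directory; the .desktop hit is the case the post describes where the mode is set but the file is not a binary or script.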