On 06/10/2013 10:10 AM, Florian Weimer wrote:
I'm investigating things beyond SUID/SGID which are related to trust transitions and visible in the file system, mainly due to the use of magic paths. I'm aiming for a fairly general concept of "trust transition", and I include altering browser actions when clicking on a hyperlink as far as they are influenced by file type registrations. Here's what I came up with so far. I only include things that can somehow be hooked by packages, which rules out files such as /etc/inittdb and user crontabs.
I should have mentioned that I'm interested in feedback—does this make sense (as an extension of SUID/SGID auditing), and is this set of paths reasonably complete?
-- Florian Weimer / Red Hat Product Security Team -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
