On Mon, Jun 10, 2013 at 10:10 AM, Florian Weimer <fweimer@xxxxxxxxxx> wrote: > I'm investigating things beyond SUID/SGID which are related to trust > transitions and visible in the file system, mainly due to the use of magic > paths. I'm aiming for a fairly general concept of "trust transition", and I > include altering browser actions when clicking on a hyperlink as far as they > are influenced by file type registrations. > > Here's what I came up with so far. I only include things that can somehow > be hooked by packages, which rules out files such as /etc/inittdb and user > crontabs. > > usermode: > > /etc/security/console.apps > > D-Bus and polkit: > > /etc/dbus-1/system.d > /etc/dbus-1/session.d > /usr/share/dbus-1/system-services > /usr/share/dbus-1/services > /usr/share/polkit-1/actions > > Launching daemons or other background processes: > > /etc/init.d > > /etc/cron.d > /etc/cron.daily > /etc/cron.monthly > /etc/cron.weekly > > /usr/lib/systemd/system plus other paths listed in systemd.unit(5). > > *.desktop and *.protocol file registries: > > /usr/lib*/libreoffice/share/xdg > /usr/share/applications > /usr/share/applications/kde4 > /usr/share/gdm/autostart/LoginWindow > /usr/share/gdm/greeter/applications > /usr/share/gdm/greeter/autostart > /usr/share/gnome/autostart > /usr/share/gnome/wm-properties > /usr/share/kde4/services > /usr/share/kde4/services/ServiceMenus > /usr/share/xsessions > > (Or in general, *.desktop files with with an Exec= line.) > > Networking services: > > /etc/xinet.d > > Browser plugins: > > /usr/share/mozilla/extensions > /usr/lib*/mozilla/extensions If you count extensions then /usr/share/gnome-shell/extensions might qualify as well. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
