On 10/30/2013 10:27 AM, Alec Leamas wrote: > On 2013-10-30 11:23, Reindl Harald wrote: >> Am 30.10.2013 11:20, schrieb Alec Leamas: >>> On 2013-10-30 10:58, Reindl Harald wrote: >>>> Am 30.10.2013 10:53, schrieb Alec Leamas: >>>>> Some kind of reference for the bad in having a well-known, hidden directory in the path? >>>> the *writeable for the user* is the problem >>> Any reference for this problem? >> what about consider the implications? >> do you really need a written reference for any security relevant fact? >> i can write one for you if you prefer links :-) >> > Well, the question is really if someone else out there share your > concerns about this. Why does it matter? A hidden directory in everyone's path is obviously useful to an attacker, and (IMO) more useful to an attacker than to a user. You shouldn't need any references. Andrew. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
