Re: Drawing lessons from fatal SELinux bug #1054350

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jan 24, 2014 at 20:40:28 -0800,
  Josh Stone <jistone@xxxxxxxxxx> wrote:

My point was not about what root can do.  Suppose there's a vulnerable
'sudo' binary that gives everyone a root shell.  If that binary is
available on any executable path, even readonly, that's trouble.

That isn't true. File systems can be mounted such that suid bits are ignored. suid executables on such file systems are effectively just normal executables.
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux