On 12.6.2018 19:57, Reindl Harald wrote:
Am 12.06.2018 um 19:31 schrieb Miro Hrončok:
On 12.6.2018 19:20, Howard Howell wrote:
I haven't followed all of this thread, too self busy. However there is
a security argument. If you have a local executable directory, then
the capability for malicious software to attach is wide open for that
user, whatever their privelege level might be.
Executable directory? If you have power over user $HOME, you can change
user's $PATH. I don't know what this have to do with anything being
executable (but maybe I just didn't understand.)
so what - the more you need to change the harder a successful attack
becomes - google for layered security
This is more like a security by obscurity approach. This "another layer"
is just one step. It's like putting a duct tape over a keyhole and call
it extra security.
--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/M6OIUDG2SKN2Q5IU2TFBHJNNF25JXZJA/