Re: Prioritizing ~/.local/bin over /usr/bin on the PATH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12.6.2018 20:15, Reindl Harald wrote:
This is more like a security by obscurity approach. This "another layer"
is just one step. It's like putting a duct tape over a keyhole and call
it extra security

bullshit

Thanks for the tone, it is very helpful.


when the exploit is naively written it just tries to put a binary in the
directory and on well configured system you don't put ANYTHING in front
of PATH

man chattr

[root@srv-rhsoft:~]$ touch /home/harry/.bashrc
touch: setting times of '/home/harry/.bashrc': Operation not permitted

Excellent. So the file is immutable. Since you were clever enough to make it so, you probably care enough to change the line that prepends the PATH in there. Or is that too complicated?

We are changing the default and we are saying that it will not lower the security. If users want to make steps into increasing security that's good. And we are not blocking them by this change.


but luckily Fedora was too long too stupid get rid of /bin and /sbin
after UsrMove so that i don't care about any defaults any longer

Funny how you don't care yet you keep sending the e-mails.

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/M32M74CLD6IIHR46XYCDKBJVRSL7GZP6/




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux