Re: Prioritizing ~/.local/bin over /usr/bin on the PATH

On 18.6.2018 at 00:13, Ian Malone wrote:
> On 16 June 2018 at 13:50, Björn Persson <Bjorn@rombobjörn.se> wrote:
>> Tomasz Kłoczko wrote:
>>> On Fri, 15 Jun 2018 at 23:21, Björn Persson <Bjorn@rombobjörn.se> wrote:
>>> [..]
>>>> Don't forget that if your proof of concept can be modified to either
>>>> overwrite or append to ~/.bashrc, then it's irrelevant to this debate.
>>> before ~/.bashrc is executed many other script executions
>>> have already finished
>> This is true and completely irrelevant.
>>
>>> Whatever you want to do over your account session or profile scripts it
>>> is already _too late_.
>>> Is that clear now?
>> No it's not clear. I have no idea why you're rambling about the order
>> in which Bash executes its startup files. The order doesn't matter,
>> especially since the hypothetical attacker is supposedly unable to
>> modify those files.
>>
>> You claimed to have a proof of concept that would demonstrate how some
>> security hole can be exploited if and only if ~/.local/bin is listed
>> before /usr/bin in PATH. I asked you to post your proof of concept. You
>> didn't. I will therefore conclude that you don't actually have one.
>>
>
> Well, two things:
>
> 1. For example, a kiosk mode, where the home directory is wiped each
> login would be made less secure.

Forgive my ignorance, but where is the option to install Fedora in Kiosk
mode? I am asking, because I am not aware of any option like this,
hence this needs IMO some configuration and if you configure the
computer to run in Kiosk mode, then you can certainly modify the PATH to
improve the security of such a setup.


Vít
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/J33IAEELIZPPCGKZC7BMNKARVJOFWEQ3/
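
Added example, not part of the original message or of Fedora's own configuration: the kind of PATH change the reply above refers to for a locked-down kiosk setup, written as a POSIX shell function that moves every entry under the user's home directory behind the system directories. The function name and the sample paths are assumptions made for illustration.

```shell
# demote_home_entries PATH_STRING HOME_DIR
# Prints PATH_STRING reordered so that entries equal to or below HOME_DIR
# come last. Relative order inside each group is preserved.
# Choice made by this example: empty entries (which the shell treats as
# the current directory) are dropped.
demote_home_entries() (
    path_in=$1
    home=${2%/}                 # tolerate a trailing slash on HOME_DIR
    if [ -z "$home" ]; then     # HOME_DIR was "" or "/": nothing to demote
        printf '%s\n' "$path_in"
        return 0
    fi
    system=
    user=
    IFS=:                       # split on ':' (local: body runs in a subshell)
    set -f                      # no pathname expansion while splitting
    for entry in $path_in; do
        [ -n "$entry" ] || continue
        case $entry in
            "$home"|"$home"/*) user=${user:+$user:}$entry ;;
            *)                 system=${system:+$system:}$entry ;;
        esac
    done
    # Join the two groups with ':' only when both are non-empty.
    printf '%s\n' "${system}${system:+${user:+:}}${user}"
)

# Intended use in a login profile script for the kiosk account:
#   PATH=$(demote_home_entries "$PATH" "$HOME"); export PATH
```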



