Matthew Miller wrote:
On Tue, Apr 10, 2007 at 03:34:23AM -0400, David Zeuthen wrote:
Btw, the rant of mine that Matthew pointed to was more concerned with
the sad fact that we run a bunch of X11 apps as root.. Just don't run
any X11 apps as root; it's a really really bad idea, thanks :-)
Yeah but it's such a good rant. :)
And seriously, although X is the most obviously scary, the same thing
applies to any setuid code beyond the incredibly trivial.
And this is where I don't get the rant, afaik system-config-xxx aren't suid
root, they call a (one would assume audited) helper program to become root, by
use of the root password, so there is no chance for privelidge escalation here,
because the user has the root password, the user cannot get any more
privilidged then that AFAIK. So where is the problem?
Regards,
Hans
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
