Re: glibc post upgrade

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "Fedora SELinux support list for users & developers." <fedora-selinux-list@xxxxxxxxxx>
Subject: Re: glibc post upgrade
From: Stephen Smalley <sds@xxxxxxxxxxxxxx>
Date: Wed, 25 Aug 2004 10:02:01 -0400
In-reply-to: <412C9A09.700@nc.rr.com>
List-archive: </archives/fedora-selinux-list>
List-help: <mailto:fedora-selinux-list-request@redhat.com?subject=help>
List-id: "Fedora SELinux support list for users & developers." <fedora-selinux-list.redhat.com>
List-post: <mailto:fedora-selinux-list@redhat.com>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-selinux-list>, <mailto:fedora-selinux-list-request@redhat.com?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-selinux-list>, <mailto:fedora-selinux-list-request@redhat.com?subject=unsubscribe>
Organization: National Security Agency
References: <200408232344.23345.russell@coker.com.au> <412A21A6.7040203@nc.rr.com> <1093281676.27211.159.camel@moss-spartans.epoch.ncsc.mil> <412A3701.2020401@redhat.com> <412A6E4E.5080600@nc.rr.com> <1093439297.6743.69.camel@moss-spartans.epoch.ncsc.mil> <412C9A09.700@nc.rr.com>
Reply-to: "Fedora SELinux support list for users & developers." <fedora-selinux-list@xxxxxxxxxx>

On Wed, 2004-08-25 at 09:54, Jeff Johnson wrote:
> That's the point. Lua is embedded, would be run by rpm, and no re-exec 
> because of internal state.

Ok.  And the lua "program" would still be extracted from the (possibly
untrustworthy) package contents, as with current helpers like
glibc_post_upgrade?  So a package can carry arbitrary malicious lua code
and get it executed by rpm?

-- 
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

Follow-Ups:
- Re: glibc post upgrade
  - From: Jeff Johnson

References:
- glibc post upgrade
  - From: Russell Coker
- Re: glibc post upgrade
  - From: Jeff Johnson
- Re: glibc post upgrade
  - From: Stephen Smalley
- Re: glibc post upgrade
  - From: Daniel J Walsh
- Re: glibc post upgrade
  - From: Jeff Johnson
- Re: glibc post upgrade
  - From: Stephen Smalley
- Re: glibc post upgrade
  - From: Jeff Johnson

Prev by Date: Re: glibc post upgrade
Next by Date: Switching policy, need to relabel files?
Previous by thread: Re: glibc post upgrade
Next by thread: Re: glibc post upgrade
Index(es):
- Date
- Thread

[Index of Archives] [Fedora Users] [Fedora Desktop] [Big List of Linux Books] [Yosemite News] [Yosemite Campsites] [KDE Users] [Gnome Users]