> On 11/1/18 5:08 PM, Cătălin George Feștilă wrote: > > SELinux can block the exploit if the "unconfined" module is disabled.
Same thoughts here. No main process (by user) should be allowed to overwrite system configuration except the dedicated tools or an editor. > I'm writing blog about it. When it will be ready, I add link also to > this thread. Thanks. Please let us know about your work. Regards, Raphael _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
