2010/9/20 Bryn M. Reeves <b...@redhat.com>: > On 09/20/2010 01:37 PM, Tom Horsley wrote: >> On Mon, 20 Sep 2010 11:56:56 +0200 >> Michał Piotrowski wrote: >> >>> You can blacklist the firewall modules - it can be critical :) >> >> Actually, I think you can run any arbitrary command to >> load a module,
Or pass any parameter to a module. > so it is probably a gigantic security >> hole. Yeah - but it depends on conditions, system configuration etc. It can be treated as "minor issue", "major issue", "high risk vulnerability" or "gigantic security hole" - depends on system configuration and other things. Let's CC devel list. > > Kinda what I was thinking. This should be fairly easy to track down with > the amount of tracing and debugging tools we have in the distro now. I'm > not convinced it's dracut's My F13 devel system is not affected - it's a standard web developer system with databases, web servers, script languages etc. I don't think that dracut is the culprit. > doing but if I have time to get a VM > installed later on I'll try to have a poke around. > > Cheers, > Bryn. Regards, Michal -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
