On Wed, 29 Jul 2015 16:35:56 +0200 a...@gulbrandsen.priv.no wrote: > Every last problem of sudo is taken seriously? Did you know that if > someone has limited access, e.g. the right to install standard > packages, then it is easy to leverage that to get complete access. > Various packages run programs in $PATH as root, Firefox comes to > mind, so just prepare $PATH and sudo apt-get install firefox. > > Sudo leaves > the user's $PATH and the rest is just a matter of finding the right > exploit. > > Was open for years, may still be open.
I repeat my question: Do you have first hand knowledge indicating that polkit is any safer? SteveT Steve Litt July 2015 featured book: Rapid Learning for the 21st Century http://www.troubleshooters.com/rl21 _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
