On Sat, Jun 3, 2017 at 7:53 AM, Matt Brown <m...@nmatt.com> wrote: > This patch was modified from Brad Spengler's Trusted Path Execution (TPE) > feature in Grsecurity and also incorporates logging ideas from > cormander's tpe-lkm. > > Modifications from the Grsecurity implementation of TPE were made to > turn it into a stackable LSM using the existing LSM hook bprm_set_creds. > Also, denial messages were improved by including the full path of the > disallowed program. (This idea was taken from cormander's tpe-lkm) [...] > Threat Models: [...] > 2. Attacker on system replaces binary used by a privileged user with a > malicious one > > * This situation arises when administrator of a system leaves a binary > as world writable. > > * TPE is very effective against this threat model
How do you end up with world-writable binaries in $PATH?
