Henry: I'm just trying to get a clearer picture about how this works, and the security ramifications.
>> What, if anything, can a system administrator do to prevent such attacks >> from being possible. Can the system administrator turn off the feature >> which allows users plugins to be functional? Is this feature off or on >> by default? > By default, gkrellmd server will load and run all plugins, but we can > change some codes to make it not load all plugins under > ~/.gkrellm2/plugins-gkrellmd/, only load the plugins installed by > sysadmins.. I'm not sure that this is necessary. Might be good to update the one pager with the security-related information that has been discussed. Then ARC can better make any decision about any additional work which may be needed. Brian
