On Jan 30, 2008 9:11 AM, Till Maas <[EMAIL PROTECTED]> wrote: > On Wed January 30 2008, Stefan Seyfried wrote: > > > If somebody managed to get a symlink where the logfile should be, you are > > fscked. So i think this is less secure. > > And what if somebody gets /usr/lib/pm-utils/bin/pm-action to be an arbitrary > binary? Then you are fscked, too. I do not see the point, how changing the > logfile is easier than changing any other component of pm-utils.
True. The way to defend against these scenarios is to ensure that all our files and directories are owned by and only writable by root. If an intruder already has root, pm-utils cannot defend against any actions that user can take. > Regards, > Till > > > _______________________________________________ > Pm-utils mailing list > [email protected] > http://lists.freedesktop.org/mailman/listinfo/pm-utils > > _______________________________________________ Pm-utils mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/pm-utils
