Klaus Weidner wrote:
Of course, people deploying a system that's based on the LSPP configuration can choose to deviate from the evaluated configuration based on their own risk assessment. This could include restoring general access to "newrole" if they don't consider the PTY exploit to be a concern.
And if you want polyinstation, then an suid newrole needs to be available :) -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
