David Zeuthen wrote:
(I'm not subscribed to fedora-devel so if you want replies from me don't
remove me from the Cc.)
Hmmm, I can't directly CC folks through Gmane, the best I can do is to use
the KNode feature which copies the text into KMail.
An example where 1. is useful includes, funny
On Thu, 2009-06-18 at 11:02 -0400, Matthias Clasen wrote:
On Thu, 2009-06-18 at 11:58 +0200, Nils Philippsen wrote:
As it is, malware need only sit in the background and wait for e.g. a
PolicyKit-enabled user manager to acquire the authorization for user
creation to be able to easily
On Tue, 2009-06-16 at 16:57 -0700, Adam Williamson wrote:
Ve haf zer technology, already. :) it's just a case of adding code to
more apps to take advantage of the awesomeness of PolicyKit, and I
believe this is scheduled to happen.
I still have one fairly serious gripe with PolicyKit: If one
On Thu, 2009-06-18 at 11:58 +0200, Nils Philippsen wrote:
As it is, malware need only sit in the background and wait for e.g. a
PolicyKit-enabled user manager to acquire the authorization for user
creation to be able to easily install a backdoor account.
Nils, this is somewhat inaccurate
Hi,
This is an accurate description of how things work, thanks to Matthias
for clearing things up on this list. There's more background information
about this particular thing here
http://hal.freedesktop.org/docs/polkit/
http://hal.freedesktop.org/docs/polkit/PolicyKit-1.8.html
On Thu, Jun 18, 2009 at 5:58 AM, Nils Philippsenn...@redhat.com wrote:
On Tue, 2009-06-16 at 16:57 -0700, Adam Williamson wrote:
Ve haf zer technology, already. :) it's just a case of adding code to
more apps to take advantage of the awesomeness of PolicyKit, and I
believe this is scheduled to
On Thu, 2009-06-18 at 19:09 +0100, Richard W.M. Jones wrote:
On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
The retained authorization is only valid for the subject that obtained
it, which will typically be a process (identified by process id and
start time) or a canonical
On Thu, Jun 18, 2009 at 07:09:29PM +0100, Richard W.M. Jones wrote:
On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
The retained authorization is only valid for the subject that obtained
it, which will typically be a process (identified by process id and
start time) or a
On Thu, Jun 18, 2009 at 7:09 PM, Richard W.M. Jonesrjo...@redhat.com wrote:
Can the malware inject code into the process which gained the
authentication (eg. using ptrace)?
Also, using a new PackageKit the worst you'll be able to do is install
signed software from already configured repos.
On Thu, Jun 18, 2009 at 03:02:53PM -0400, Matthias Clasen wrote:
On Thu, 2009-06-18 at 19:09 +0100, Richard W.M. Jones wrote:
On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
The retained authorization is only valid for the subject that obtained
it, which will typically be
If one application acquires an authorization it automatically authorizes all
other
applications running on the same desktop -- and I think that is a
potential attack vector for malware.
maybe this is about sudo and a like things
but PolicyKit is designed AFAIK to be much fine grained, it does
On Thu, 2009-06-18 at 20:53 +0100, Matthew Garrett wrote:
On Thu, Jun 18, 2009 at 07:09:29PM +0100, Richard W.M. Jones wrote:
On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
The retained authorization is only valid for the subject that obtained
it, which will typically be
Hi,
On Thu, 2009-06-18 at 21:11 +0100, Richard W.M. Jones wrote:
On Thu, Jun 18, 2009 at 03:02:53PM -0400, Matthias Clasen wrote:
On Thu, 2009-06-18 at 19:09 +0100, Richard W.M. Jones wrote:
Can the malware inject code into the process which gained the
authentication (eg. using ptrace)?
13 matches
Mail list logo