Dailydave mailing list archives
Re: Fedora 12 Fail
From: Michael Graham <jmgraham () gmail com>
Date: Wed, 18 Nov 2009 19:36:01 -0800
"I don't particularly care how UNIX has always worked." has already turned into a new catchphrase around here. On Wed, Nov 18, 2009 at 6:32 PM, Dave Aitel <dave.aitel () gmail com> wrote:
Probably the best Linux thread in months: https://www.redhat.com/archives/fedora-devel-list/2009-November/msg00945.html To sum it up, Fedora 12 is defaulting to "Any user can install any package from the repo and then exploit it to get root". So like, if the repo signs something hilarious like "bob's vulnerable FTP server.rpm", every Fedora 12 server is vulnerable. Unless you've uninstalled PolicyKit or something else esoteric. It's awesome. Read the whole thread, as the GRSec team says, with a bag of popcorn. There's no Linux security center of gravity. The closest is spender. But he can only keep you honest if you want to be kept honest. -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Fedora 12 Fail Dave Aitel (Nov 18)
- Re: Fedora 12 Fail Michael Graham (Nov 18)
- Re: Fedora 12 Fail dan (Nov 19)
- Re: Fedora 12 Fail Kees Cook (Nov 19)
- Re: Fedora 12 Fail Michael Graham (Nov 18)