[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: kdesu overrides user's PATH with hardcoded path
From: Oswald Buddenhagen <ossi () kde ! org>
Date: 2008-09-05 6:57:01
Message-ID: 20080905065701.GA19438 () troll08
[Download RAW message or body]
On Thu, Sep 04, 2008 at 03:55:38PM -0700, Michael Howell wrote:
> On Wed, Sep 3, 2008 at 11:40 PM, Oswald Buddenhagen <ossi@kde.org> wrote:
> > *how* is a bad cat supposed to get into ~/bin, huh? why do you want to
> > secure the door of an obviously blown up house?
> >
> Find a security vulnerability in some random application that gives I/O
> access to people on the outside.
>
do you know how ridiculously improbable it is that you get a security
hole that allows you creating executable files in ~/bin but nothing
else?
> Or trick someone into decompressing a rigged archive.
>
that was already debunked.
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Confusion, chaos, panic - my work here is done.
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic