Once upon a time, Sam Varshavchik <[email protected]> said: > If what prelink is doing is perfectly fine, then there's no reason to have > the /sbin/telinit hack in /etc/cron.daily, is it? That statement, of > course, would be either true or false irrespective of what I'm doing, > which is completely irrelevant.
As others have pointed out, that's because init is NOT a standard daemon (if you don't understand why PID 1 is special, I can't help you). You seem to be putting a lot of weight on the executable somebody ran to access your program, over and above all the kernel facilities for handling that (that are sufficient for everybody else, including heavily security-minded folk like OpenBSD devs). Aside from how a pathname is not really a good indicator (see SELinux vs. AppArmor), how do you know the binary hasn't been modified in place? What good is your super-special pathname security then? -- Chris Adams <[email protected]> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- devel mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/devel
