On Wed, Apr 26, 2006 at 02:54:15PM -0400, Joshua Brindle wrote:
> Niels Provos wrote:
>
> That is fair. If noone involved considers systrace MAC then I'm less
> inclined to care about its availability, I'm still very concerned about
> privilege escalation and user interaction. I will not concede that this
> sort of activity (particularly the privilege escalation) is very dangerous.
>
Even if it's only allowed to root and/or systraced processes ?
(let's remember that systrace is something that must be very selectively
enabled and that the privilege elevation thing is only available to root on
processes started with systrace)
--
Andrea Barisani <[EMAIL PROTECTED]> .*.
Gentoo Linux Infrastructure Developer V
( )
PGP-Key 0x864C9B9E http://dev.gentoo.org/~lcars/pubkey.asc ( )
0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E ^^_^^
"Pluralitas non est ponenda sine necessitate"
--
gentoo-security@gentoo.org mailing list
