More PATH fallout. Who decided this was a good idea?
jkeating at redhat.com
Sat Dec 6 05:55:24 UTC 2008
On Fri, 2008-12-05 at 20:29 -0500, Steve Grubb wrote:
> These are required to be this way for our Common Criteria evaluations.
Is the thought here that if the code can be executed by a non-root user,
the audit of the code would have to be far more strict? If you keep the
user from being able to execute, you don't have to worry as much about
how they might exploit it?
I'm just curious what added security you really get.
Fedora -- Freedom² is a feature!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 197 bytes
Desc: This is a digitally signed message part
More information about the fedora-devel-list