More PATH fallout. Who decided this was a good idea?

Jesse Keating jkeating at
Sat Dec 6 05:55:24 UTC 2008

On Fri, 2008-12-05 at 20:29 -0500, Steve Grubb wrote:
> These are required to be this way for our Common Criteria evaluations.

Is the thought here that if the code can be executed by a non-root user,
the audit of the code would have to be far more strict?  If you keep the
user from being able to execute, you don't have to worry as much about
how they might exploit it?

I'm just curious what added security you really get.

Jesse Keating
Fedora -- Freedom² is a feature!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the fedora-devel-list mailing list