More PATH fallout. Who decided this was a good idea?
Steve Grubb
sgrubb at redhat.com
Sun Dec 7 16:51:38 UTC 2008
On Sunday 07 December 2008 11:31:54 Enrico Scholz wrote:
> Both 'vipw' and 'ldapadd' are official and documented tools to manage
> user database.
vipw I believe is forbidden due to its ability to circumvent auditing of user-
subject binding. ldap is not part of the evaluation.
However, we could certainly extend the auditing to other programs if we wanted
to. Nothing is preventing this except someone having the time to do it. If you
wanted to add auditing, I'm all for it and don't mind helping where I can.
> > The utilities that would allow you to modify it cannot be accessed
> > unless you are root.
>
> Sounds like "when the algorithm is hidden, the crypto mechanism is
> secure"...
I wouldn't characterize it like that. It means that you have established
proceedures that ensure the Security Objectives are met. As for crypto, the
unprivileged user has access to passwd and that does crypto for them.
-Steve
More information about the fedora-devel-list
mailing list