PolicyKit and malware, was: What I HATE about F11
Matthias Clasen
mclasen at redhat.com
Thu Jun 18 19:02:53 UTC 2009
On Thu, 2009-06-18 at 19:09 +0100, Richard W.M. Jones wrote:
> On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
> > The retained authorization is only valid for the subject that obtained
> > it, which will typically be a process (identified by process id and
> > start time) or a canonical bus name. And your malware does not have
> > either.
>
> Can the malware inject code into the process which gained the
> authentication (eg. using ptrace)?
Once you have malware running in your session, there's probably more
important stuff to worry about, like all your data in ~/.firefox...
Anyway, further discussion about details of PolicyKit would be much
better on polkit-devel at lists.freedesktop.org
Matthias
More information about the fedora-devel-list
mailing list