PolicyKit and malware, was: What I HATE about F11
Richard W.M. Jones
rjones at redhat.com
Thu Jun 18 18:09:29 UTC 2009
On Thu, Jun 18, 2009 at 11:02:22AM -0400, Matthias Clasen wrote:
> The retained authorization is only valid for the subject that obtained
> it, which will typically be a process (identified by process id and
> start time) or a canonical bus name. And your malware does not have
> either.
Can the malware inject code into the process which gained the
authentication (eg. using ptrace)?
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v
More information about the fedora-devel-list
mailing list