PolicyKit and malware, was: What I HATE about F11

Richard W.M. Jones rjones at redhat.com
Tue Jun 23 21:35:09 UTC 2009


On Tue, Jun 23, 2009 at 12:34:17PM -0400, David Zeuthen wrote:
>  1. The person in front of the system really is the logged-in user
>     and authorizes an action
[..]
> An example where 1. is useful includes, funny enough, a last guard
> against having malware dial 1-900 numbers in other countries at $50 per
> hour - e.g. NetworkManager should only allow connections previously
> marked as trusted to use the modem to dial out.

This would be better solved by confining code to performing particular
actions depending on its origin.  Just because some code/malware
happens to be running under your UID doesn't mean it should be able to
do everything.  It ought to be limited by the provenance of the code.

As a simple example: _NO_ code that comes from some random website
should dial out to _any_ number.

I'm assuming that this is something SELinux can either do now, or else
the SELinux developers are thinking about it ('coz I know from
personal experience that they're smart people).

Rich.

-- 
Richard Jones, Emerging Technologies, Red Hat  http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v



