Local users get to play root?
Chris Adams
cmadams at hiwaay.net
Thu Nov 19 14:00:01 UTC 2009
Once upon a time, Ricky Zhou <ricky at fedoraproject.org> said:
> I might be wrong on this, but wouldn't the attacker need to trick
> yum/packagekit into using the malicious repo first? I didn't think that
> was allowed for non-root users.
1.5 words: NetworkManager. Think about it.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the fedora-devel-list
mailing list