Local users get to play root?
Bruno Wolff III
bruno at wolff.to
Wed Nov 18 19:56:19 UTC 2009
On Wed, Nov 18, 2009 at 14:44:20 -0500,
Konstantin Ryabitsev <icon at fedoraproject.org> wrote:
> Okay, so someone managed to get local shell via firefox. How does
> installing trusted packages further their nefarious purposes?
There are nuances to trust. Just because you trust a repository to not
intentionally provide tampered packages, doesn't mean you want to trust
specific packages.
More information about the fedora-devel-list
mailing list