RPM security (a newbie question)
"Stanisław T. Findeisen"
sf181257 at students.mimuw.edu.pl
Wed Apr 1 21:58:25 UTC 2009
What does the process of installing new RPM package look like? There are
some commands that such package is allowed to execute, right?
What are RPMs allowed to do, and what is forbidden? Is there any control
layer at all in the package manager, or is the control (e.g., during
package install) simply transferred to RPM-package-provided script??
Also what's the difference between "Everything" and "Fedora" dirs in
Fedora package tree?
I wonder how easy it is to create a rootkit/trojan horse/whatever and
get it loaded on Fedora users' computers.
Thanks!
STF
=======================================================================
http://eisenbits.homelinux.net/~stf/
OpenPGP: 9D25 3D89 75F1 DF1D F434 25D7 E87F A1B9 B80F 8062
=======================================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090401/d38ae624/attachment-0001.sig>
More information about the fedora-list
mailing list