The recent redhat-rpm-config change and you
Tomas Mraz
tmraz at redhat.com
Tue Jun 21 11:06:17 UTC 2005
> More (much more?) work for little gain, but likely the correct solution
> would be to configure SELinux policy to recognize a python program
> trying to write a pyo file and allow that to pass. (Coupled with %
> ghosting.)
No, that wouldn't be secure. The written .pyo file could be arbitrary
code which if run again for example from a different security context
could exploit your system even more.
--
Tomas Mraz <tmraz at redhat.com>
More information about the Fedora-maintainers
mailing list