glibc post upgrade
Stephen Smalley
sds at epoch.ncsc.mil
Thu Aug 26 13:44:31 UTC 2004
On Thu, 2004-08-26 at 05:37, Jeff Johnson wrote:
> Malicious code from untrusted package problem not going to be solved by
> rpm_script_t alone afaict either.
Right. We still need a mechanism for distinguishing among packages and
running scriptlets in different domains based on either some property of
the package (the authority that signed it) or some knowledge of the
admin (i.e. he specifies the desired scriptlet domain for all packages
obtained from a given repository in his yum.conf or similar).
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list