who provides /etc/sysconfig/selinux?
Jesse Keating
jkeating at j2solutions.net
Wed Apr 7 21:52:08 UTC 2004
On Wednesday 07 April 2004 14:25, Richard Hally wrote:
> Rpm can put files just about anywhere. The installer (anaconda) is a
> corner case but rpm certainly could be a method of attack and as you
> say rpm doesn't always account for a packages files. Looks like a
> trojaned rpm would work and be difficult to spot.
Which is why you shouldn't be installing rouge rpms that are unsigned by
a trusted source (like Red Hat). And really, there are more direct and
equally untrackable ways to own a box w/ a trojan rpm than disabling
your SELinux.
--
Jesse Keating RHCE (geek.j2solutions.net)
Fedora Legacy Team (www.fedoralegacy.org)
GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub)
Was I helpful? Let others know:
http://svcs.affero.net/rm.php?r=jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20040407/d15951f7/attachment.sig>
More information about the fedora-test-list
mailing list