clock riddle
Steve Grubb
sgrubb at redhat.com
Tue Feb 24 13:42:56 UTC 2009
On Tuesday 24 February 2009 01:40:40 am Gregory Maxwell wrote:
> This shouldn't have been sent to this list: It should have been filed
> as a confidential bug, it's CERT announcement material. I guess its
> too late now.
Yes, I think so, too. From a security PoV, this creates a big problem in log
correlation. An attacker can create a misleading audit trail that might make
something look like it happened at one time while it really happened at
another. You also have time based authentications that could allow access at
disallowed times, and you can also prevent cron jobs from running that
perhaps would have found an intrusion.
A bug should be filed and this should be fixed in all affected releases ASAP.
-Steve
More information about the fedora-test-list
mailing list