Mailinglist Archive: opensuse (3031 mails)
| < Previous | Next > |
Re: [opensuse] OpenSuse 11
- From: Tero Pesonen <teropesonen@xxxxxxxxxxxx>
- Date: Fri, 8 Feb 2008 21:36:24 +0200
- Message-id: <200802082136.24205.teropesonen@xxxxxxxxxxxx>
On Friday 08 February 2008, James Knott wrote:
Not much else? I think that's quite a bit already. If a malicious user
or program got access to my home dir, I would think that as a pretty
damn serious issue. That just *might* ruin my day pretty bad, depending
on what the said user or program were up to.
Tero Pesonen
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Wolfgang Woehl wrote:
Freitag, 8. Februar 2008 Randall R Schulz:
That is manifestly false. It takes an explicit vulnerability for
this to happen. The classic one is unchecked overflow of a buffer
Any given nasty application would need 1 system call to remove your
homedir. Call that "unfair" or "vulnerability", whatever.
How you would run into such a nasty app is another story. But isn't
saying that you couldn't a bit over-optimistic?
Wolfgang
Given that /home is owned by root and mere mortals cannot make any
changes there, how would that happen, from any app a user could run?
If I run some malicious piece of software, the contents of my home
directory may be at risk, along with other files I have write
permissions for, but not much else.
Not much else? I think that's quite a bit already. If a malicious user
or program got access to my home dir, I would think that as a pretty
damn serious issue. That just *might* ruin my day pretty bad, depending
on what the said user or program were up to.
Tero Pesonen
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |