Mailinglist Archive: opensuse (1165 mails)

< Previous Next >
Re: [opensuse] Re: Should openSUSE review it's Security Policies?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2012-03-01 16:18, Roger Oberholtzer wrote:
On Thu, 2012-03-01 at 15:34 +0100, Carlos E. R. wrote:

You can probably suid the binary.

Yikes. To get perhaps one root capability, you give the application the
world. Quite generous. As they say, with great power comes great
responsibility. I just don't trust the general non-buggy-ness of things.
Fine grained permissions seem a bit more secure.

There is no other way of running it, and this is the kernel fault.

Perhaps it could be made a two part program: a small one running as root
and doing the capturing part, and another doing the gui and processing. But
this doesn't exist.

And on wireshark now and then there have been found security holes.

- --
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 "Celadon" at Telcontar)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAk9P2/8ACgkQIvFNjefEBxqCjgCgn+Ypnn+GR+q8RR8HmX+Hr7PO
omkAoJ/QmVjrC5LT9H0jsP8+miM0q5+F
=zRgS
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups