From release notes for FC5T3 (web)
Bruno Wolff III
bruno at wolff.to
Tue Mar 7 15:30:52 UTC 2006
On Tue, Mar 07, 2006 at 17:36:25 +0530,
Rahul Sundaram <sundaram at fedoraproject.org> wrote:
>
> The potential security issues are not limited to open ports and running
> services but having the system affected through exploits on the
> software installed even when you might have never used them.
Well something needs to use them or they aren't going to be a problem. Common
services are generally not going to be able to run them if they get hacked if
you are using SELinux. The main danger is with plugins. Those need to be
examined carefully in any case. (The other case would be if the user was
running them directly, but if they are doing that they are probably going to
want to accept the risk of running the programs in any case.)
More information about the fedora-list
mailing list