[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: RPM security (a newbie question)



"Stanisław T. Findeisen" wrote:
> SELinux will not help you more if it gets overwritten/rootkited by
> malicious RPM package (for instance during the install process).

But then we're back to the question of how such a malicious rpm would
get onto your system.  Someone doing such a thing in %post would get
noticed pretty quickly.  If someone packaged up files that overwrote
files provided by the selinux packages, rpm would complain about those
because they would conflict.  So that avenue is a bit tricky.  It's
not entirely impossible, but it's not really easy either.

I don't think this list is the place to engage in endless discussions
on striving for ultimate security (a state that does not exist,
anywhere).

A much better use of time would be in auditing the software that you
can and in finding ways to help improve the process to plug the
limited number of potential entry points for malicious code to be
installed.

(The quote in my sig is entirely random.  Though I sometimes wonder if
fortune isn't just a bit eerie in its choices. :)

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A paranoid is someone who knows a little of what's going on.
    -- William S. Burroughs

Attachment: pgpnrRFoJrBsL.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]