[Dailydave] On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns
Steve Grubb
sgrubb at redhat.com
Tue May 15 08:42:59 EDT 2007
On Monday 14 May 2007 15:18, Rodrigo Rubira Branco (BSDaemon) wrote:
> Again our discussion (good discussion, tks for your position!) about
> auto-learning ;)
Let me give you a concrete example. If you have your passwords set to expire
and normally let people into the machine by sshd and you have pam linked in,
you will need sshd to be able to write to /etc/shadow. I would presume that
auto-learning systems would go ahead and grant that access.
The better solution is to create a minimalistic helper program that has just
that capability and can only be run by the parent. It can be confined to just
making the update and the parent which is network facing only able to exec
that program.
Auto learning systems cannot make architectural desicions like that.
-Steve
More information about the Dailydave
mailing list