[Integrit-users] abort on opendir fail (was Possible issue with integrit)
Brought to you by:
ecashin
Menu
▾
▴
[Integrit-users] abort on opendir fail (was Possible issue with integrit)
|
From: Ed L C. <ec...@te...> - 2001-07-25 15:29:19
|
"James.FitzGibbon" <Jam...@ta...> writes: > I've discovered a way that an attacker might get around integrit. > > When integrit is walking a file tree, it will stop dead if it > encounters a directory that it cannot traverse: I don't agree that it's a way an attacker could get around integrit, but I do think that printing a warning message and continuing might be more helpful behavior. What do folks think? Originally, I thought that integrit would only be used on system-critical areas of the filetree, and root would control the permissions on all the files. I know that people are using integrit on other areas like /home, so I now think that it would be better for integrit to warn and continue. -- --Ed Cashin PGP public key: ec...@te... http://www.terry.uga.edu/~ecashin/pgp/ |
