Re: Need some security advice for systemtap
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
David Smith schrieb: (...)
Some basic ideas about how we can allow users without sudo access to run "blessed" scripts/modules can be seen at <http://sources.redhat.com/bugzilla/show_bug.cgi?id=4523>,So, I'm looking for thoughts, criticisms, pointers, etc. to do this in a manner that won't allow a system to be easily compromised. We're in the fairly early stages of this idea, and I'm looking for direction before heading down the wrong road.
Am I right? Is it security based on md5sum?I'm not sure how easy would it be to "produce" two kernel modules having the same MD5 checksum - but before you continue, you might want to read a short article called "Attacking Hash Functions by Poisoned Messages":
http://www.cits.rub.de/MD5Collisions/ -- Tomasz Chmielewski http://wpkg.org -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Coolkey] [Fedora Tools]