On Wednesday 07 April 2004 14:25, Richard Hally wrote:
> Rpm can put files just about anywhere. The installer (anaconda) is a
> corner case but rpm certainly could be a method of attack and as you
> say rpm doesn't always account for a package's files. Looks like a
> trojaned rpm would work and be difficult to spot.

Which is why you shouldn't be installing rogue rpms that are unsigned by
a trusted source (like Red Hat). And really, there are more direct and
equally untrackable ways to own a box w/ a trojan rpm than disabling
your SELinux.
--
Jesse Keating RHCE (geek.j2solutions.net)
Fedora Legacy Team (www.fedoralegacy.org)
GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub)
Was I helpful? Let others know:
http://svcs.affero.net/rm.php?r=jkeating