On Wednesday 02 December 2009 15:09:46 Dave Ihnat wrote: > Secondly, once you (as the bad guy) get a user to run something for you, > you can start poking at the system itself. In this case, you're looking > for a flaw in the system security itself--either misconfiguration, or > an actual hole in some program or service that a normal user can run > or use. Much harder than Windows, but such flaws have been encountered > in the past. SELinux exists precisely for this purpose --- to combat privilege escalation and contain misbehaving apps. Only kernel vulnerabilities are out of its reach, AFAIK. Best, :-) Marko -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines