On Wed, 2015-11-18 at 21:45 +0000, Ian Malone wrote: > Not really getting this. For any configuration task where you replace > editing a root owned text file with access through some authorised > gui, that gui is still vulnerable.
That gui's code, unlike emacs, doesn't allow you to write arbitrary data to arbitrary files. I can feed arbitrary input events to an emacs window and have it modify any file the process could modify. It's a lot harder to get, say, virt-manager to write arbitrary data to arbitrary places. - ajax -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
