Fanbois huh? vi or emacs? I'm going to be critical here - it is rare that you have personal choice over the tools your system uses. Do the job in front of you. If that means you support windows ME as a security portal(!), that's what you do... at least until you find a better job.
On Thu, Sep 29, 2016 at 12:21 PM, Russell Coker via luv-main < [email protected]> wrote: > On Thursday, 29 September 2016 11:08:00 AM AEST Tim Connors via luv-main > wrote: > > Stop using it! And that part is easy, just run > > > > NOTIFY_SOCKET=/run/systemd/notify systemd-notify "" > > > > in a while 1 loop as an ordinary user. > > > > https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet > > (user_t:SystemLow-s0:c0.c100)root@play:~# NOTIFY_SOCKET=/run/systemd/ > notify > systemd-notify "" > -bash: systemd-notify: command not found > (user_t:SystemLow-s0:c0.c100)root@play:~# ls -l /bin/systemd-notify > ls: cannot access /bin/systemd-notify: Permission denied > (user_t:SystemLow-s0:c0.c100)root@play:~# > > The Jessie SE Linux policy doesn't permit this. So my SE Linux Play > Machine > would be resistant to this attack even if it had a /run/systemd/notify > socket. > > A system configured as a test Play Machine running Debian/Unstable has > /run/ > systemd/notify but unprivileged users (even as root) are not permitted to > access it. So even if a hostile user compiled their own systemd-notify > program or copied it in from another system it still wouldn't do any good. > > The "targeted" policy (the default) would permit this though. > > -- > My Main Blog http://etbe.coker.com.au/ > My Documents Blog http://doc.coker.com.au/ > > _______________________________________________ > luv-main mailing list > [email protected] > https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main > -- Dr Paul van den Bergen
_______________________________________________ luv-main mailing list [email protected] https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
