|
|
|
|
|
|
by cyphar
2817 days ago
|
|
|
SELinux and AppArmor would allow you to specify that your text editor is allowed to edit .bashrc, but some random other program isn't. But I agree with you that this is not really a useful security feature -- you'd want something where a program has to be explicitly granted permission rather than some programs being able to do things that others can't (because then any attacker will just spawn "vi -c 'bad payload'" to get around the restriction). |
|
|