by LiberatedLlama 1959 days ago
Running untrusted software on these sorts of systems is fundamentally broken, no matter what the package manager chooses, chown or not chown. A malicious program could edit ~/.bashrc to modify the user's PATH, or wrap sudo with a keylogger then use that password to chown anything it likes. That's not even a theoretical but unlikely sort of attack; it's quite trivial.

    > alias sudo='echo not what I expected'
    > sudo foo
    not what I expected
1 comments

That's fair, but it's only affecting a single user, while writable /usr/local affects all users. However, most Mac users are single user, so the tradeoff makes sense in this context.
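
A defender-side check for the shadowing shown in the first comment, added here as an example and not code from either commenter: it scans one shell startup file for an alias or function named `sudo` and for PATH assignments that put a directory ahead of the existing PATH. The names `scan`, `audit_rc`, `write_sample` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag startup-file lines that can shadow a command name.
# Text-pattern heuristic over a single file; it does not follow `source`.

# scan LABEL ERE FILE: print "LABEL:<lineno>:<line>" per match; status 0 if any.
scan() {
    grep -nE -e "$2" "$3" | sed "s/^/$1:/" | grep .
}

# audit_rc FILE [CMD]: returns 0 when clean, 1 on findings, 2 if unreadable.
# CMD is assumed to be a plain command name (default: sudo).
audit_rc() {
    rc=$1 cmd=${2:-sudo} found=0
    [ -r "$rc" ] || return 2
    s='[[:space:]]'
    # alias sudo=..., including later entries on a multi-alias line
    scan alias "^$s*alias$s+([^#]*$s)?$cmd=" "$rc" && found=1
    # "sudo() {" and "function sudo" definitions
    scan function "^$s*(function$s+$cmd([^[:alnum:]_-]|\$)|$cmd$s*[(][)])" "$rc" && found=1
    # PATH=<dir>:$PATH puts <dir> ahead of the system directories
    scan path-prepend "^$s*(export$s+)?PATH=.+:[$][{]?PATH" "$rc" && found=1
    return "$found"
}

# Constructed sample startup file.
write_sample() {
    cat > "$1" <<'EOF'
export EDITOR=vi
alias sudo='echo not what I expected'
PATH="$HOME/.cache/bin:$PATH"
export PATH=$PATH:/opt/tools/bin
sudo() { command sudo "$@"; }
EOF
}

tmp=$(mktemp) && write_sample "$tmp" &&
    { audit_rc "$tmp" || echo "review the lines above"; }
rm -f "$tmp"
```

Appending to PATH (line 4 of the sample) is not reported, since an appended directory cannot win over an earlier one that already holds the command.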