edgy on x64: Request for extension of the /.hidden file
Ante Karamatic
ivoks at ubuntu.com
Wed Oct 4 07:10:45 BST 2006
Na Sri, 2006-10-04 u 01:47 -0400, t u je napisao:
> isn't the hidden file a security risk for Edgy users? if a local
> attacker finds a way to change it, wouldn't s/he be able to put anything
> s/he wants to the user's home folder, without the user knowing about the
> file. wouldn't this make the .hidden file a specific target of attackers?
Attacker doesn't need hidden dirs or files to hide something (it allways
has /tmp and /var/tmp, tmpfs, etc...). Hidden file isn't a security risk
cause if attacker is able to create files in user's dir, then security
is allready circumvented. So, hidden file is not a cause, but a
consenquence.
--
Ante Karamatić <ivoks at ubuntu.com>
PGP: 0xD3BDA225
More information about the ubuntu-devel
mailing list